From: “Ian Farquhar” <ianf@sydney.sgi.com>
To: cypherpunks@toad.com
Message Hash: e637115d0baad5c42c253bbc27a03dd3c4f34722c1e991d857c36e2a5b817d1f
Message ID: <9412281627.ZM11604@wiley.sydney.sgi.com>
Reply To: <199412280454.UAA02250@largo.remailer.net>
UTC Datetime: 1994-12-28 05:39:09 UTC
Raw Date: Tue, 27 Dec 94 21:39:09 PST
From: "Ian Farquhar" <ianf@sydney.sgi.com>
Date: Tue, 27 Dec 94 21:39:09 PST
To: cypherpunks@toad.com
Subject: Re: Why I have a 512 bit PGP key
In-Reply-To: <199412280454.UAA02250@largo.remailer.net>
Message-ID: <9412281627.ZM11604@wiley.sydney.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain
On Dec 27, 8:54pm, Eric Hughes wrote:
> I take it you mean recompile the binary every time? Because you'd
> need to have source around to recompile it from, and the attacker
> could modify that source even more easily than he or she could hack
> the binary. The idea is to make tampering with the binary detectable.
> Recompile the binary from newly uploaded source each time. MD5 source
> isn't more than about 10K long. That's all of a few seconds of upload
> time.
Irritating, and also insecure (system admin intercepts the upload and
replaces it with source of his or her own).
As has been stated, it's a matter of defining a threat model. IMO,
the most likely threat is from pass phrase grabbing (from a sniffer,
annex box or whatever), which destroys the security of almost all of
these schemes. Modification attacks are possible, although I doubt
that the lengths I have described would be useful.
As a serious project, though, a personal version of tripwire would
not be a bad cypherpunk project, and possibly a nice testbed for working
out some anti-tampering techniques.
> I am pretty much certain that to make such
> a system perfectly secure under these conditions is impossible.
> That's right.
Is there a standard proof for this, though? I suspect that there is, but
have not discovered it.
Ian.
Return to December 1994
Return to “Thomas Grant Edwards <tedwards@src.umd.edu>”