[24560] in Cypherpunks
Re: Why I have a 512 bit PGP key
daemon@ATHENA.MIT.EDU (Ian Farquhar)
Wed Dec 28 00:46:38 1994
From: "Ian Farquhar" <ianf@sydney.sgi.com>
Date: Wed, 28 Dec 1994 16:27:12 -0500
In-Reply-To: eric@remailer.net (Eric Hughes)
"Re: Why I have a 512 bit PGP key" (Dec 27, 8:54pm)
To: cypherpunks@toad.com
On Dec 27, 8:54pm, Eric Hughes wrote:
> I take it you mean recompile the binary every time? Because you'd
> need to have source around to recompile it from, and the attacker
> could modify that source even more easily than he or she could hack
> the binary. The idea is to make tampering with the binary detectable.
> Recompile the binary from newly uploaded source each time. MD5 source
> isn't more than about 10K long. That's all of a few seconds of upload
> time.

Irritating, and also insecure (system admin intercepts the upload and
replaces it with source of his or her own).

As has been stated, it's a matter of defining a threat model. IMO,
the most likely threat is from pass phrase grabbing (from a sniffer,
annex box or whatever), which destroys the security of almost all of
these schemes. Modification attacks are possible, although I doubt
that the lengths I have described would be useful.

As a serious project, though, a personal version of tripwire would
not be a bad cypherpunk project, and possibly a nice testbed for working
out some anti-tampering techniques.

> I am pretty much certain that to make such
> a system perfectly secure under these conditions is impossible.
> That's right.

Is there a standard proof for this, though? I suspect that there is, but
have not discovered it.

Ian.
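
A minimal sketch of the "personal tripwire" idea raised in this message, as an added example that is not part of the original post or code from anyone in the thread: it hashes a set of watched files, seals the baseline with an HMAC, and reports what changed. SHA-256 stands in for the MD5 the thread discusses; the function names, file names and key are constructed for illustration, and the key is assumed to be held off the host.

```python
import hashlib, hmac, json, tempfile
from pathlib import Path

def digest(path):
    """SHA-256 of a file (swapped in for the MD5 discussed in the thread)."""
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def snapshot(paths):
    """Map each path that exists as a file to its digest."""
    return {str(p): digest(p) for p in paths if Path(p).is_file()}

def seal(baseline, key):
    """HMAC tag over a canonical encoding of the baseline."""
    blob = json.dumps(baseline, sort_keys=True).encode()
    return hmac.new(key, blob, hashlib.sha256).hexdigest()

def check(paths, baseline, tag, key):
    """Return (status, path) findings; reject a baseline whose tag does not verify."""
    if not hmac.compare_digest(seal(baseline, key), tag):
        return [("BASELINE-TAMPERED", "")]
    now, findings = snapshot(paths), []
    for p in sorted(set(baseline) | set(now)):
        if p not in now:
            findings.append(("MISSING", p))
        elif p not in baseline:
            findings.append(("ADDED", p))
        elif now[p] != baseline[p]:
            findings.append(("MODIFIED", p))
    return findings

def demo():
    """Constructed sample: two stand-in files, one later patched in place."""
    key = b"constructed-demo-key"  # assumption: really derived from a secret kept off the host
    with tempfile.TemporaryDirectory() as d:
        pgp, md5 = Path(d, "pgp"), Path(d, "md5")
        pgp.write_bytes(b"binary v1")
        md5.write_bytes(b"checker v1")
        watched = [pgp, md5]
        base = snapshot(watched)
        tag = seal(base, key)
        clean = check(watched, base, tag, key)
        pgp.write_bytes(b"binary v1 + patch")            # watched binary modified
        patched = check(watched, base, tag, key)
        forged = {**base, str(pgp): digest(pgp)}         # baseline rewritten to match
        rebased = check(watched, forged, tag, key)
        md5.unlink()                                     # watched file removed
        gone = check(watched, base, tag, key)
    return clean, [s for s, _ in patched], rebased, [s for s, _ in gone]
```

The tag check only helps while the key and the checker itself stay out of the attacker's reach, and it does nothing against the pass phrase grabbing that the message names as the likelier threat.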