[93233] in Cypherpunks
Re: how to release code if the programmer is a target for coercion (fwd)
daemon@ATHENA.MIT.EDU (Ryan Lackey)
Thu Jan 15 01:59:11 1998
To: Jim Choate <ravage@ssz.com>
Cc: cypherpunks@ssz.com (Cypherpunks Distributed Remailer),
eternity@internexus.net
From: Ryan Lackey <rdl@MIT.EDU>
Date: 15 Jan 1998 01:41:01 -0500
In-Reply-To: Jim Choate's message of Wed, 14 Jan 1998 09:32:54 -0600 (CST)
Reply-To: Ryan Lackey <rdl@MIT.EDU>
> man in the middle attack on people signing code
How would you do this? There is code. You sign that code with your personal
pgp key, which you are assumed to keep secure. Cases:
A) The code is authentic, but backdoored: you will look at it when verifying
it and refuse to sign it, optionally posting how it is flawed to the world.
B) The code is not the actual code used in the product, but unbackdoored:
In this case, you sign it, but when someone tries to compile, the real
code is not signed, and thus the attacker is no better off.
C) The code is not the actual code used in the product, and is backdoored:
The NSA is really stupid, then.
D) The code is the authentic code, and is unbackdoored: you win.
The only attacks would be if you could sneak a bug by the verifiers. With
modern execution environments, it is *possible* there could be unintended
consequences to almost anything. That's why I think one of the first
pieces of code verified should be the JVM.
Another attack would be having 5 NSA agents sign a piece of code, but
you could prevent that by having the list made up of distinct well known
individuals who are unlikely to all be bought -- if the NSA wants to
give $100m each to the most frequent 100 posters on cypherpunks, I want
to get in line :)
--
Ryan Lackey
rdl@mit.edu
http://mit.edu/rdl/
