[122535] in cryptography@c2.net mail archive
Re: OpenSparc -- the open source chip (except for the crypto parts)
daemon@ATHENA.MIT.EDU (Florian Weimer)
Mon May 5 19:54:54 2008
To: "Perry E. Metzger" <perry@piermont.com>
Cc: Marcos el Ruptor <ruptor@cryptolib.com>,
Cryptography <cryptography@metzdowd.com>
From: Florian Weimer <fweimer@bfk.de>
Date: Mon, 05 May 2008 13:41:45 +0200
In-Reply-To: <87r6chmwst.fsf@snark.cb.piermont.com> (Perry E. Metzger's message of "Sun, 04 May 2008 20:14:42 -0400")
* Perry E. Metzger:
> Marcos el Ruptor <ruptor@cryptolib.com> writes:
>> Nonsense. Total nonsense. A half-decent reverse engineer does not
>> need the source code and can easily determine the exact operation of
>> all the security-related components from the compiled executables,
>> extracted ROM/EPROM code or reversed FPGA/ASIC layout
>
> I'm glad to know that you have managed to disprove Rice's
> Theorem.
Call me a speciest, but it's not clear if Rice's Theorem applies to
humans.
While Marcos' approach is somewhat off the mark ("source-code
equivalent that works for me" vs. "conformance of potentially
malicious code to a harmless spec"), keep in mind that object code
validation has been performed for safety-critical code for quite a
while. The idea is that code for which some soundness property cannot
be shown simply fails validation. It doesn't matter if the validator
is not clever enough, or if the code is actually bogus.
(And for most (all?) non-trivial software, source code acquisition
costs are way below validiation costs, so public availability of
source code is indeed a red herring.)
--=20
Florian Weimer <fweimer@bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstra=DFe 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
