[15927] in cryptography@c2.net mail archive
Re: RPOW - Reusable Proofs of Work
daemon@ATHENA.MIT.EDU (Taral)
Mon Aug 16 17:40:12 2004
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Mon, 16 Aug 2004 15:52:51 -0500
From: Taral <taral@taral.net>
To: cryptography@metzdowd.com, hal@finney.org
In-Reply-To: <p061104afbd455bf3fcf9@[66.149.49.5]>
--PNTmBPCT7hxwcZjr
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Sun, Aug 15, 2004 at 02:36:51PM -0400, R. A. Hettinga wrote:
> The new concept in the server is the security model. The RPOW server
> is running on a high-security processor card, the IBM 4758 Secure
> Cryptographic Coprocessor, validated to FIPS-140 level 4. This card
> has the capability to deliver a signed attestation of the software
> configuration on the board, which any (sufficiently motivated) user
> can verify against the published source code of the system. This lets
> everyone see that the system has no back doors and will only create RPOW
> tokens when supplied with POW/RPOW tokens of equal value.
Just a quick sanity check for me... what stops you simply faking this
"attestation" and running a compromised system?
--=20
Taral <taral@taral.net>
This message is digitally signed. Please PGP encrypt mail to me.
"Some people cause happiness wherever they go; others, whenever they go."
-- Oscar Wilde
--PNTmBPCT7hxwcZjr
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFBIR6jtOVKlL8cHDcRAr+bAKCL34/LdhYx+IxKSbx9GlvYtvTIHACdF/C7
Vkngaslr1G23EjiFrCTFVRA=
=bRll
-----END PGP SIGNATURE-----
--PNTmBPCT7hxwcZjr--
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
