[7179] in cryptography@c2.net mail archive
Re: NSA back doors in encryption products
daemon@ATHENA.MIT.EDU (Jim Choate)
Thu May 25 17:29:30 2000
Date: Wed, 24 May 2000 21:54:09 -0500 (CDT)
From: Jim Choate <ravage@einstein.ssz.com>
To: Eugene Leitl <eugene.leitl@lrz.uni-muenchen.de>
Cc: Rick Smith <rick_smith@securecomputing.com>,
"Arnold G. Reinhold" <reinhold@world.std.com>,
John Gilmore <gnu@toad.com>, cryptography@c2.net, gnu@cygnus.com
In-Reply-To: <14636.30379.44116.968436@lrz.uni-muenchen.de>
Message-ID: <Pine.LNX.3.96.1000524215148.30672M-100000@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Wed, 24 May 2000, Eugene Leitl wrote:
> Jim Choate writes:
>
> > Bull, the hardware companies aren't any more trustworthy.
>
> True. You can always validate a few from a batch by plasma etching the
> device, and trace the structures on an electromicrograph (some EMs
> allow you to observe the device in operation).
>
> Also, it is hard to insert a trapdoor into an FPGA. OpenSource hardware.
All of it using software.

Trying to avoid software compromises by using hardware is impossible since
you can't build the hardware without software.

You can't have your cake and eat it too.

As to inserting a trapdoor in an FPGA, I don't see any reason at all that
a trapdoor can't be inserted with the appropriate understanding of the
state space and choosing a rare state to trigger your bypass.
____________________________________________________________________
The future is downloading. Can you hear the impact?
O[rphan] D[rift>]
Cyber Positive
The Armadillo Group ,::////;::-. James Choate
Austin, Tx /:'///// ``::>/|/ ravage@ssz.com
www.ssz.com .', |||| `/( e\ 512-451-7087
-====~~mm-'`-```-mm --'-
--------------------------------------------------------------------