[7203] in cryptography@c2.net mail archive
Re: NSA back doors in encryption products
daemon@ATHENA.MIT.EDU (Eugene Leitl)
Fri May 26 21:37:44 2000
From: Eugene Leitl <eugene.leitl@lrz.uni-muenchen.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <14638.2222.432446.796132@lrz.uni-muenchen.de>
Date: Thu, 25 May 2000 22:16:30 -0700 (PDT)
To: Jim Choate <ravage@einstein.ssz.com>
Cc: Eugene Leitl <Eugene.Leitl@lrz.uni-muenchen.de>,
Rick Smith <rick_smith@securecomputing.com>,
"Arnold G. Reinhold" <reinhold@world.std.com>,
John Gilmore <gnu@toad.com>, cryptography@c2.net, gnu@cygnus.com
In-Reply-To: <Pine.LNX.3.96.1000524215148.30672M-100000@einstein.ssz.com>
Jim Choate writes:
> > Also, it is hard to insert a trapdoor into an FPGA. OpenSource hardware.
>
> All of it using software.
You're aware of of difficulties repeating the compiler/login trojaning
trick when you're doing metacompiling, are you? It's not that it can't
be done, but it is so much harder it's effectively impossible.
> Trying to avoid software compromises by using hardware is impossible since
> you can't build the hardware without software.
This is not true, since I can bootstrap a e.g. a Forth from scratch
(if necessary, on a human-validable MISC CPU), and key it in using
binary switches directly. It's arduous, but it can be done.
> You can't have your cake and eat it too.
Er, try applying less predicate logic to the real world. It is not all
that black and white, you know.
> As to inserting a trapdoor in an FPGA, I don't see any reason at all that
> a trapdoor can't be inserted with the appropriate understanding of the
> state space and chosing a rare state to trigger your bypass.
The assumption is, that the thing is opensourced, and hence
peer-reviewable. As to understanding state space, try understading the
state space of your desktop *nix box.
