[7219] in cryptography@c2.net mail archive
Re: NSA back doors in encryption products
daemon@ATHENA.MIT.EDU (David Honig)
Sun May 28 16:52:46 2000
Message-Id: <3.0.6.32.20000528105913.008146f0@pop.sprynet.com>
Date: Sun, 28 May 2000 10:59:13 -0700
To: Ben Laurie <ben@algroup.co.uk>, David Honig <honig@sprynet.com>
From: David Honig <honig@sprynet.com>
Cc: Jim Choate <ravage@einstein.ssz.com>,
Eugene Leitl <eugene.leitl@lrz.uni-muenchen.de>,
Rick Smith <rick_smith@securecomputing.com>,
"Arnold G. Reinhold" <reinhold@world.std.com>,
John Gilmore <gnu@toad.com>, cryptography@c2.net, gnu@cygnus.com
In-Reply-To: <392F551F.5CFAADC3@algroup.co.uk>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
At 05:54 AM 5/27/00 +0100, Ben Laurie wrote:
>David Honig wrote:
>>
>>
>> Yes but *once* you've verified the RTL (and from them the masks)
>> you don't have to worry about some stray applet hosing your security.
>> You do with software.
>
>Errr ... you do with an FPGA, surely?
Yep. By definition, reprogrammable logic is mutable, succeptible
to code changes.
But very accessable vs. an ASIC.
A secure 'closed' PDA that used an FPGA would put its config in
a write-once memory and make it tamper-resistant. The tamper-resistant
packaging is only to protect it from others while you shower or
sleep, not from you tinkering with it.
Simply prohibiting over-the-air upgrades in the architecture
is a good start.
