[117780] in Cypherpunks
Re: repost: Civil war for our personal computers.
daemon@ATHENA.MIT.EDU (Anonymous)
Fri Sep 10 12:38:10 1999
Date: Fri, 10 Sep 1999 18:21:17 +0200 (CEST)
Message-Id: <199909101621.SAA25098@mail.replay.com>
From: Anonymous <nobody@replay.com>
To: cypherpunks@cyberpass.net
Reply-To: Anonymous <nobody@replay.com>
Gary Jeffers writes:
> <DIV><FONT color=3D#000000 size=3D2><BR> The BACK-DOORED CPU =
> POSTULATE: The NSA=20
> either already has or soon will have the=20
> major<BR> cpu =
> manufacturers,=20
> including Intel, distributing cpu's with back doors in=20
> their<BR> designs. This =
> method=20
> is simply too elegant and too cheap on a per target basis to=20
Isn't HTML great? It makes your messages so much more readable and "alive"
than old-fashioned text. I'll bet nobody would even read your postings
if you didn't go to the trouble to add this extra formatting.
What's " " anyway? Is this the modern version of "fnord"?
Anyway, what makes you think that backdooring chips in this way is
even possible? How could you backdoor a CPU chip to allow access to
plaintext? It doesn't seem possible. Any number of crypto algorithms
could be used, all with different characteristics. There is no universal
crypto-algorithm recognizer.
If you are still worried about backdoors, maybe the thing to do is to
write obfuscatable code. Imagine a technology that takes a crypto engine
written in some higher level pseudo-assembly language and which implements
it with built-in randomization. Virtual registers would be randomly
mapped to physical locations; opcode sequences would be padded with other
instructions selected at random; there would be a menu of possible but
equivalent sequences for generating any specific virtual opcode. The net
result would be that the implementation of even a known algorithm could
be done in a million ways, and would be different every time it ran.
Of course this would slow the algorithm considerably, but in many
applications this is tolerable. A few hundred milliseconds extra to
encrypt your email isn't going to be noticed.