On Mon, Sep 16, 2002 at 03:51:56PM -0700, dean gaudet wrote:
> On Mon, 9 Sep 2002, Oliver Xymoron wrote:
> > making the RNG guessable is relatively easy. On the other hand
> > determining whether a given snippet of code is doing RSA, etc. is
> > equivalent to solving the halting problem, so it seems to me pretty
> > damn hard to usefully put this sort of back door into a CPU without
> > sacrificing general-purpose functionality.
> while the general problem is certainly halting-problem level of
> complexity, there's a much more simple problem which amounts to string
> matching. the simple problem is "is this a specific portion of openssl /
> cryptoapi / whatever?"
> if you consider a technology like transmeta's which only has to
> compile/translate code infrequently (rather than a traditional technology
> with decoders running all the time) then it's pretty easy to see how you
> could use a few cycles to do the string matching.
If you're the compiler, it's pretty damn easy. If you're the CPU
watching the instruction stream generated by an unknown compiler for a
lengthy piece of code with context switches and interrupts going on,
it's back to being nontrivial again. It's simply much easier to
backdoor the RNG..
-- "Love the dolphins," she advised him. "Write by W.A.S.T.E.."
This archive was generated by hypermail 2b29 : Mon Sep 23 2002 - 22:00:18 EST