On Mon, Sep 09, 2002 at 04:58:50PM +0000, David Wagner wrote:
>
> Whether you like it or not, you're already trusting Intel, if you're
> using an Intel chip. If Intel were malicious and out to get you, they
> could have put a backdoor in the chip. And a RNG is *much* easier to
> reverse-engineer and audit than an entire CPU, so it would probably be
> riskier for Intel to hide a backdoor in the RNG than in, say, the CPU.
Not sure I buy that. Consider that with a CPU, you control the inputs,
you've got a complete spec of the core functionality, you've got a
huge testbed of code to test that functionality, and you've got a
whole industry of people reverse engineering your work.
More to the point, the backdoor we're worried about is one that
compromises our encryption keys to passive observers. Doing that by
making the RNG guessable is relatively easy. On the other hand
determining whether a given snippet of code is doing RSA, etc. is
equivalent to solving the halting problem, so it's seems to me pretty
damn hard to usefully put this sort of back door into a CPU without
sacrificing general-purpose functionality.
For other types of back doors, it seems likely that the NSA would go
straight to the OS vendor, or, given the state of mainstream OSes,
just use existing holes.
> >What right-thinking paranoid would place any faith in an analysis with
> >an Intel copyright? This is practically marketing fluff anyway.
>
> Marketing fluff? I take it that's a joke: I wish the marketing fluff
> I get had this much technical content and documented its experimental
> procedure like this.
Yes, I was being hyperbolic.
-- "Love the dolphins," she advised him. "Write by W.A.S.T.E.." - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Sep 15 2002 - 22:00:18 EST