[E-voting] encryption compromised by hardware

Justin Mason jm at jmason.org
Mon Nov 20 12:47:51 GMT 2006


Timothy Murphy writes:
> On Monday 20 November 2006 08:58, A.J.Delaney at brighton.ac.uk wrote:
> 
> > I'm not an expert in cryptography, but from what I understand if an
> > attacker has physical control over a machine all bets are off.  There
> > is, effectively, no way to reliably encrypt data on a machine that an
> > attacker can run a privileged application on.
> 
> That doesn't sound right to me.

No, no, it's entirely correct!

Consider the case of an attacker who successfully subverts the kernel's
file-read API; he/she can then intercept reads of specific disk sectors,
and replace the "real" data read with different, spurious data to mislead
any running application on the system -- even if it's running as root.
That's been common practice for viruses and other malware for 20 years
now.

Similarly, they can intercept or trace the encrypting operations,
capturing pass-phrases, private key data, encrypted plaintext, etc. -- it
doesn't matter how strong the algorithm is in that case.

> Do you have any reference for it?

http://portal.acm.org/citation.cfm?id=358210 -- Ken Thompson, _Reflections
on Trusting Trust_ ;)

also, http://en.wikipedia.org/wiki/Trusted_computing has some background
on the concept of the Trusted Computing Base, a more secure "core"
OS-inside-the-OS which can be trusted even in the presence of
possibly-hostile code in the running main-OS kernel.

I can't think of a good ref for the "rooted OS used to compromise
local encryption" case though... I'm sure it's happened, but can't
find a link.

--j.


