[E-voting] encryption compromised by hardware
Justin Mason
jm at jmason.org
Mon Nov 20 12:47:51 GMT 2006
Timothy Murphy writes:
> On Monday 20 November 2006 08:58, A.J.Delaney at brighton.ac.uk wrote:
>
> > I'm not an expert in cryptography, but from what I understand if an
> > attacker has physical control over a machine all bets are off. There
> > is, effectively, no way to reliably encrypt data on a machine that an
> > attacker can run a privileged application on.
>
> That doesn't sound right to me.

No, no, it's entirely correct!

Consider the case of an attacker who successfully subverts the kernel's
file-read API; he/she can then intercept reads of specific disk sectors,
and replace the "real" data read with different, spurious data to mislead
any running application on the system -- even if it's running as root.
That's been common practice for viruses and other malware for 20 years
now.

Similarly, they can intercept or trace the encrypting operations,
capturing pass-phrases, private key data, encrypted plaintext, etc. -- it
doesn't matter how strong the algorithm is in that case.

> Do you have any reference for it?

http://portal.acm.org/citation.cfm?id=358210 -- Ken Thompson, _Reflections
on Trusting Trust_ ;)

Also, http://en.wikipedia.org/wiki/Trusted_computing has some background
on the concept of the Trusted Computing Base, a more secure "core"
OS-inside-the-OS which can be trusted even in the presence of
possibly-hostile code in the running main-OS kernel.

I can't think of a good ref for the "rooted OS used to compromise
local encryption" case though... I'm sure it's happened, but can't
find a link.

--j.
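
Added illustration, not part of the original message: a small Python model of the read-interception point made above. It shows why an integrity check run through the host's own read path passes on tampered data, while the same check over a trusted read of the media (for example from separate boot media) fails. The class and function names, the sector size and the sample data are all constructed for this example.

```python
import hashlib

SECTOR = 16  # constructed toy sector size, in bytes


class RawDisk:
    """Ground truth: what is physically stored (constructed sample data)."""
    def __init__(self, sectors):
        self.sectors = list(sectors)

    def read(self, n):
        return self.sectors[n]


class SubvertedReadAPI:
    """Models the subverted file-read path described in the message:
    reads of selected sectors return substitute data, not the disk contents."""
    def __init__(self, disk, substitutes):
        self.disk = disk
        self.substitutes = substitutes  # {sector number: spurious bytes}

    def read(self, n):
        return self.substitutes.get(n, self.disk.read(n))


def image_digest(reader, count):
    """SHA-256 over sectors 0..count-1 as seen through the given reader."""
    h = hashlib.sha256()
    for n in range(count):
        h.update(reader.read(n))
    return h.hexdigest()


def cross_view_diff(trusted_reader, host_reader, count):
    """Sector numbers where the host's view disagrees with a trusted read."""
    return [n for n in range(count)
            if trusted_reader.read(n) != host_reader.read(n)]


def demo():
    original = [bytes([i]) * SECTOR for i in range(4)]
    known_good = image_digest(RawDisk(original), 4)  # recorded before tampering
    # Sector 2 is altered on disk; the host read path hands back the old bytes.
    tampered = RawDisk(original[:2] + [b"X" * SECTOR] + original[3:])
    host_view = SubvertedReadAPI(tampered, {2: original[2]})
    return {
        "on_host_check_passes": image_digest(host_view, 4) == known_good,
        "trusted_check_passes": image_digest(tampered, 4) == known_good,
        "mismatched_sectors": cross_view_diff(tampered, host_view, 4),
    }


if __name__ == "__main__":
    print(demo())
```
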