[E-voting] encryption compromised by hardware

Timothy Murphy tim at birdsnest.maths.tcd.ie
Mon Nov 20 14:18:59 GMT 2006

On Monday 20 November 2006 12:47, jm at jmason.org wrote:

> > > I'm not an expert in cryptography, but from what I understand if an
> > > attacker has physical control over a machine all bets are off.  There
> > > is, effectively, no way to reliably encrypt data on a machine that an
> > > attacker can run a priviledged application on.
> >
> > That doesn't sound right to me.
> No, no, it's entirely correct!
> Consider the case of an attacker who successfully subverts the kernel's
> file-read API; he/she can then intercept reads of specific disk sectors,
> and replace the "real" data read with different, spurious data to mislead
> any running application on the system -- even if it's running as root.
> That's been common practice for viruses and other malware for 20 years
> now.
> Similarly, they can intercept or trace the encrypting operations,
> capturing pass-phrases, private key data, encrypted plaintext, etc. -- it
> doesn't matter how strong the algorithm is in that case.
> > Do you have any reference for it?
> http://portal.acm.org/citation.cfm?id=358210 -- Ken Thompson, _Reflections
> on Trusting Trust_ ;)

One has to be a member of ACM to access this.
However, I remember reading it many years ago and finding it interesting
and instructive.

Basically, you seem to be saying that someone with root access
could run a program to see what you enter,
which I suppose has always been true.
However, I would have thought it was fairly easy to determine
if some other process was accessing your data _during_ encryption.

But I would imagine the obvious solution would be
to encrypt your data on a machine not attached to the internet,
and just convey the encrypted data to the machine on the internet.

I'm supposed to be giving 1/3 of a course on cryptography.
However, the real course is given by Michael Purser, founder of Baltimore,
(I just play with elliptic curves)
and I will ask him what he thinks.
He will almost certainly agree with you,
as he is very cynical about such things,
and has almost stopped using a computer himself.
(You have to reach him through his wife's ancient PC.)

Unfortunately he has just had an extraordinarily successful
exhibition of his paintings,
and has decided to retire to Wicklow to paint ...

Timothy Murphy  
e-mail (<80k only): tim /at/ birdsnest.maths.tcd.ie
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland

More information about the E-voting mailing list