[cryptography] Fwd: [gsc] Fwd: OpenBSD IPSEC backdoor(s)

Kevin W. Wall kevin.w.wall at gmail.com
Fri Dec 17 10:46:03 EST 2010


On 12/17/2010 07:42 AM, Ian G wrote:
> (resend, with right sender this time)
> 
> On 17/12/10 3:30 PM, Peter Gutmann wrote:
> 
>> To put it more succinctly, and to paraphrase Richelieu, give me six lines of
>> code written by the hand of the most honest of coders and I'll find something
>> in there to backdoor.
> 
> 
> This is the sort of extraordinary claim which I like.
> 
> So, how to explore this claim and turn it into some form of
> scientifically validated proposition?
> 
> Perhaps we should run a competition?
> 
>    Come one, come all!  Bring your K&R!
> 
>    Submit the most subtle backdoor into open source crypto thingumyjob.
> 
>    Win fame, fortune, and a free holiday in a disputed part of Cuba ...
> 
>    Judged by a panel of extremely crotchety and skeptical cryptoplumbers
> 
>    (aka, assembled herein).
> 
> Fancy?

I like it. And I propose that this be the 6 lines of code:

	int a;
	int b;
	int c;
	int d;
	int e;
	int f;

Not impossible, but good luck with that!  OK, don't like that one? How about
these 6 lines:

                        }
                    }
                }
            }
        }
    }

or maybe 6 arbitrary #include lines? Or to be *really* mean, try to do
something with this?

	void someNeverCalledFcn()
	{
		// Any 6 lines you would like
	}

Oh, and BTW, did I mention that these *NINE* lines are the LAST 9 lines of
the C source file and as the function name indicates, it's just dead
code that someone left lying around and is never called??? I'm pretty sure
this one is especially hard to do much with other than perhaps causing
compilation errors. (Or maybe you can exploit a BoF in the C compiler!!!
Does that count? Works for me.)

OK, obviously, such a contest would need some additional constraints, such
as the one attempting the back door gets to see the rest of the program! Fair
enough.

Also, such a contest should not be CONTRIVED code, but actual working code.
So, the greater chore might be to pick something suitable to attempt to
back door.

Lastly, since this whole discussion arose from allegations of an OpenBSD IPSec
back door, I contend that 1) not only should the code be open source, but
2) the back door must be implemented in a way that is NOT obvious!

Why do I want the latter constraint (back door not obvious)? Because,
the OpenBSD team is very thorough about doing manual code inspection
of all the code that is in the OpenBSD kernel. So in the case of this
specific allegation, such back doored code would have had to slip by
any original as well as subsequent code inspections. If the back door
were "obvious" (and I realize that's a subjective term, but we are all
likely to say "I'd know an *obvious* back door if I saw it"...at least
if it is in my area of subject matter expertise), then it would have been
useless.

Anyway, I like Ian's idea. This could replace the Obfuscated C Code
Contest that they (used to? still?) hold, which was getting really boring
anyway.

Thoughts?
-kevin
--
Kevin W. Wall
"The most likely way for the world to be destroyed, most experts agree,
is by accident. That's where we come in; we're computer professionals.
We cause accidents."        -- Nathaniel Borenstein, co-creator of MIME


