[cryptography] Fwd: [gsc] Fwd: OpenBSD IPSEC backdoor(s)

Alfonso De Gregorio adg at crypto.lo.gy
Fri Dec 17 11:15:36 EST 2010


On Fri, Dec 17, 2010 at 4:53 PM, Bernie Cosell <bernie at fantasyfarm.com> wrote:
> On 17 Dec 2010 at 17:30, Peter Gutmann wrote:
>
>> ...There'll be no way to tell whether any of the dozens of
>> tweaks and changes are a backdoor or not.  How would you tell whether
>> something like a cast "( uint32_t ) /* For Solaris 9 with the SunPro 4.2
>> compiler */" is be a portability fix or a backdoor?  If I wanted to backdoor
>> something, I'd go for private-key leakage in DLP PKCs, which are notoriously
>> bad in terms of leaking key bits if you even look at them funny.
>
> Of course, there's always the famous backdoor Ken Thompson put into the
> Unix login program:
>
> <http://scienceblogs.com/goodmath/2007/04/strange_loops_dennis_ritchie_a.p
> hp>
>
> I have no idea how you'd find that if you even suspected something was
> amiss.


The Thompson Turing Award acceptance speech was truly wonderful.
However, David Wheeler showed how to counter trojan horse attacks on
compilers in 'Fully Countering Trusting Trust through Diverse
Double-Compiling' http://www.dwheeler.com/trusting-trust/

Interestingly enough, 26 years passed by the Thompson speech and the
dissertation by Wheeler.

--
Alfonso De Gregorio,   blogs at http://Plaintext.crypto.lo.gy

BeeWise, Security Event Futures - http://beewise.org/



More information about the cryptography mailing list