[cryptography] [liberationtech] Heml.is - "The Beautiful & Secure Messenger"
steveweis at gmail.com
Fri Jul 12 16:56:49 EDT 2013
I think compromising microcode update signing keys would be the easiest
path. Then you don't need backdoors baked in the hardware, don't need
Intel's buy-in, and can target specific systems without impacting the
public at large.
This is a pretty interesting analysis showing that these updates are
2048-bit RSA signed blobs:
On Fri, Jul 12, 2013 at 1:38 PM, Nico Williams <nico at cryptonector.com>wrote:
> I'd like to understand what attacks NSA and friends could mount, with
> Intel's witting or unwitting cooperation, particularly what attacks
> that *wouldn't* put civilian (and military!) infrastructure at risk
> should details of a backdoor leak to the public, or *worse*, be stolen
> by an antagonist.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography