[cryptography] [liberationtech] Heml.is - "The Beautiful & Secure Messenger"

Steve Weis steveweis at gmail.com
Fri Jul 12 16:56:49 EDT 2013


I think compromising microcode update signing keys would be the easiest
path. Then you don't need backdoors baked in the hardware, don't need
Intel's buy-in, and can target specific systems without impacting the
public at large.

This is a pretty interesting analysis showing that these updates are
2048-bit RSA signed blobs:
http://inertiawar.com/microcode/


On Fri, Jul 12, 2013 at 1:38 PM, Nico Williams <nico at cryptonector.com>wrote:
>
> I'd like to understand what attacks NSA and friends could mount, with
> Intel's witting or unwitting cooperation, particularly what attacks
> that *wouldn't* put civilian (and military!) infrastructure at risk
> should details of a backdoor leak to the public, or *worse*, be stolen
> by an antagonist.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20130712/a8099458/attachment.html>


More information about the cryptography mailing list