Date: Mon, 16 Sep 2002 20:18:34 -0500
From: Oliver Xymoron
To: dean gaudet
Cc: David Wagner, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] (0/4) Entropy accounting fixes
Message-ID: <20020917011834.GC26230@waste.org>
References: <20020909194707.GB31597@waste.org>

On Mon, Sep 16, 2002 at 03:51:56PM -0700, dean gaudet wrote:
> On Mon, 9 Sep 2002, Oliver Xymoron wrote:
>
> > making the RNG guessable is relatively easy. On the other hand
> > determining whether a given snippet of code is doing RSA, etc. is
> > equivalent to solving the halting problem, so it seems to me pretty
> > damn hard to usefully put this sort of back door into a CPU without
> > sacrificing general-purpose functionality.
>
> while the general problem is certainly halting-problem level of
> complexity, there's a much more simple problem which amounts to string
> matching. the simple problem is "is this a specific portion of openssl /
> cryptoapi / whatever?"
>
> if you consider a technology like transmeta's which only has to
> compile/translate code infrequently (rather than a traditional technology
> with decoders running all the time) then it's pretty easy to see how you
> could use a few cycles to do the string matching.

If you're the compiler, it's pretty damn easy.
If you're the CPU watching the instruction stream generated by an
unknown compiler for a lengthy piece of code with context switches and
interrupts going on, it's back to being nontrivial again. It's simply
much easier to backdoor the RNG..

--
 "Love the dolphins," she advised him. "Write by W.A.S.T.E.."