PGP source code
Owen Lewis
oml at eloka.demon.co.uk
Mon, 3 Sep 2001 10:51:10 +0100
> -----Original Message-----
> From: ukcrypto-admin@chiark.greenend.org.uk
> [mailto:ukcrypto-admin@chiark.greenend.org.uk]On Behalf Of Ian BROWN
> Sent: 03 September 2001 09:31
> To: ukcrypto@chiark.greenend.org.uk
> Subject: Re: PGP source code
>
>
> "Reflections on Trusting Trust" by Ken Thompson is a classic look at why you
> can never absolutely trust source code:
>
> "You can't trust code that you did not totally create yourself.
> (Especially code from companies that employ people like me.) No
> amount of source-level verification or scrutiny will protect you
> from using untrusted code. In demonstrating the possibility of
> this kind of attack, I picked on the C compiler. I could have
> picked on any program-handling program such as an assembler, a
> loader, or even hardware microcode. As the level of program gets
> lower, these bugs will be harder and harder to detect. A well
> installed microcode bug will be almost impossible to detect..."

So the logic of this dictates that Uncle Sam (etc) lean on INTEL, AMD etc to
make certain amendments to the microcode that will cause serious weakening
of ciphertexts created using their processors? Said weakness only being
exploitable *if* you know what the effect of the microcode amendment is?
Sounds like a plan to me. I wonder if he's thought of it? Probably. Which is
not the same thing as saying that he's done it. Anyone with knowledge of
microcode care to speculate on an approach to how this might be done or why
it can't be done?
Owen