PGP source code
Nexus
nexus at patrol.i-way.co.uk
Mon, 3 Sep 2001 15:21:05 +0100
----- Original Message -----
From: "Ben Laurie" <ben@algroup.co.uk>
To: <ukcrypto@chiark.greenend.org.uk>
Sent: Monday, September 03, 2001 1:26 PM
Subject: Re: PGP source code
[snip]
> > For example, if you had binary 1, and used my compiler to produce
> > binary2, and then used a decompiler on binary1 and binary2 to procude
> > pseudo-source1 and pseudo-source2, and then tried to compare the two
> > pseudo-sources, would that be an easier task?
>
> No idea.
>
> Cheers,
>
> Ben.
[snip]
If you have the identical compiler and libraries then this would be
feasible. Most compilers have a definite signature, that some programs
such as IDA Pro will use for the decompilation process based on that
compilers code block sequence. Perhaps an easier way, based on the
assumption that you are checking for a particular type of backdoor (ie
network based or "bypass" key) is to look at what functions call the OS
based API's that deal with that functionality and look at the code
surrounding them - certainly quicker/easier to do IMHO.
Cheers,
JJ