PGP source code
lists@notatla.demon.co.uk
Mon, 3 Sep 2001 20:02:45 +0100 (BST)
From: "Owen Lewis" <oml@eloka.demon.co.uk>
> So the logic of this dictates that Uncle Sam (etc) lean on INTEL, AMD etc to
> make certain amendments to the microcode that will cause serious weakening
> of ciphertexts created using their processors? Said weakness only being
> exploitable *if* you know what the effect of the microcode amendment is?
>
> Sounds like a plan to me. I wonder if he's thought of it? Probably. Which is
> not the same thing as saying that he's done it. Anyone with knowledge of
> microcode care to speculate on an approach to how this might be done or why
> it can't be done?
My guess is that other features than crypto would be the target here.
I wrote on another list 2 years ago:
> Pure speculation, but what if copying a certain 256-bit string caused the
> program counter to pick up execution after that string? Then practically
> every program would have an exploitable buffer overflow detectable and
> useable only by those with the secret key.
>
> Combine that with disabling protected memory in the processor and all
> those overflows are remote root exploits, perhaps triggered by a single
> ICMP packet.
Assuming that Intel can be coerced, and that a leak proving the backdoor can
be avoided with high confidence, there's no reason I can see why it can't be
done.