[Cryptech Tech] Roadmap & remarks about the opportunity of developing a secure TOR router on the Novena platform.

★ STMAN ★ stman at riseup.net
Mon Aug 4 09:55:52 UTC 2014


Hello Benedikt,

Thank you for your contribution,

I fully acknowledge your remarks regarding TCP/IP and SSL vulnerabilities:
With this secure processor we are building, we cannot, of course, solve the design problems, but we can solve « implementation coding mistakes » allowing the « Buffer / Stack Overflow » families, and ROP exploitation techniques.

And yes, it is a huge claim to have found ways to stop these « Low level security breaches » while still staying compatible with the C language from the hardware at processor and processor system architecture.
We could achieve these goals just because we decided to get rid of the classical « microprocessor » architectures that were always created without any « coordination » with software/languages/os builders. 
We designed this new architecture from our « goals priority list », and the first entry in this list was the removal of these low level security breaches found at assembly level and C level, by design, with an ad-hoc self-made processor.

I hope I will have enough time to present the prototypes, and our strategy to achieve these goals at the next CCC conference.

The way we are doing it is rather original, it is clearly a new efficient approach, and I hope this will give new ideas to other hardware crypto-anarchist researchers.

I am looking forward to hearing from you,

Kind regards,

@stmanfr



On 3 August 2014 at 11:42, Benedikt Stockebrand <bs at stepladder-it.com> wrote:

> Hi STMAN and list(s),
> 
> ★ STMAN ★ <stman at riseup.net> writes:
> 
>> Thank you very much for your contribution Bernd, I fully agree with
>> all that you said. C language is a problem, but it is also a standard.
> 
> and assembler was standard when some people developed C to overcome the
> weaknesses of assembler, and so on.
> 
> Being "a standard" is no reason to continue using an inherently broken
> tool; that said, C was originally meant for OS development and not
> really for applications anyway.
> 
> I've taken a look at D some time ago, but it got rather quiet about it.
> Maybe some time I'll find the time to give Go a chance, but I'm not sure
> when, and if at all.
> 
>> Correcting efficiently C language « weaknesses » like intensive stack
>> usage cannot be achieved securely through software techniques: [...]
> 
> Neither can it be done in hardware without breaking some of the features
> that C "offers" and which are useful in the context it was originally
> designed for, i.e. an "architecture independent high-level macro
> assembler".  And before the C fanboys here start to throw rocks: That's
> not at all derogatory; instead, C proved to the world some 40 years ago
> that such a thing, and writing an OS in it, was actually possible, while
> other people still squabbled over using operating systems at all.
> 
>> Of course, we still need to link the code with some libraries like SSL
>> and a TCP/IP stack, but understand that with no possibility to use the
>> security breaches mentioned above, any « standard low level attack » on
>> this, even if not perfect (Containing overflows) would be blocked.
> 
> That's a _huge_ claim; hope you can back it with results some time.
> 
> The weaknesses with TCP/IP and especially SSL aren't all implementation
> related anyway, but design problems.  They all suffer from significant
> feature bloat, APIs that are a pain in the backside to use as is, and
> implementations that weren't necessarily built with the level of
> security awareness they would have deserved by our today's standards.
> 
> Or put more bluntly: You may be trying to fix a minor hole with lots of
> enthusiasm but completely ignore the much larger holes elsewhere.  This
> is good to get started, but it won't win you much until you
> eventually address all the issues involved.
> 
> 
> Cheers,
> 
>    Benedikt
> 
> -- 
> Benedikt Stockebrand,                   Stepladder IT Training+Consulting
> Dipl.-Inform.                           http://www.stepladder-it.com/
> 
>          Business Grade IPv6 --- Consulting, Training, Projects
> 
> BIVBlog---Benedikt's IT Video Blog: http://www.stepladder-it.com/bivblog/
