[Cryptech Tech] Incremental digest outputs

Rob Austein sra at hactrn.net
Mon Nov 17 20:49:38 UTC 2014


At Mon, 17 Nov 2014 09:52:56 +0100, Joachim Strömbergson wrote:
> Bernd Paysan wrote:
> > So yes, I'd like to have a push/pop the current state of a hash
> > algorithm. That's doable when the entire state is memory mapped.
> 
> And fairly easy to add. And then update the security model to state that
> this assumes that observing the state or manipulating the state by an
> evildoer is blocked by mechanisms outside of the core.

So that is one of the real questions: do we need this functionality
badly enough that we should weaken what protection blue currently has
against attacks by green?

I don't think our overall design model ever really expected blue to be
strongly defended against attacks by green, but one can make both
Principal of Least Privilege and defense in depth arguments against
granting green any access it does not really need to do its job.

Related question: is it green that needs this access, or only other
parts of blue (ie, other cores)?


More information about the Tech mailing list