[Cryptech Tech] arm
Basil Dolmatov
dol at reedcat.net
Tue Jan 13 00:52:26 UTC 2015
dol@ с iPad
> 12 янв. 2015 г., в 22:37, Rob Austein <sra at hactrn.net> написал(а):
>
> At Sun, 11 Jan 2015 22:08:23 +0300, Basil Dolmatov wrote:
>>
>> Moreover, handling of bulk data implies, that the source of these
>> data is reliable enough to maintain security chains without any weak
>> points in it.
>
> No, that's the point of the entire discussion we had about
> "application aware signing" (formerly known as "deep content
> inspection"): the main reason for doing the hash inside the secure
> perimeter is not performance, it's so that the code inside the secure
> perimeter can inspect every bit of what is to be hashed and signed.
That means presence inside the secure perimeter some code which can perform "some" inspection and relevant data for it to do this. Due to the fact that validity of "every bit of what is to be hashed and signed" can be determined with entirely different checks for different use cases that effectively means presence of possibility to load (and reload, update, add or change) _arbitrary_ code and data inside the secure perimeter.
Did I got the point correctly?
>
>> Otherwise we are repeating the same marketing error "private key is
>> never leaves security device, so it cannot be stolen", but it will
>> sign _any_ data, which will be supplied for signing (including bank
>> transfer of all my funds to arbitrary account ;) )
>
> Precisely the motivation for deep content inspection.
> _______________________________________________
> Tech mailing list
> Tech at cryptech.is
> https://lists.cryptech.is/listinfo/tech
More information about the Tech
mailing list