On 18/12/10 7:54 PM, James A. Donald wrote:
On 2010-12-18 1:39 AM, Alfonso De Gregorio wrote:
Along this line, there is, by some years, The Underhanded C Contest,
an annual contest to write innocent-looking C code implementing
malicious behavior http://underhanded.xcott.com/
Those participating in the underhanded C contest had the considerable
advantage that the underhanded programmer was allowed to define the task
and invent the algorithm.
Hence my proposed restriction to interoperation with a good version and
use of well known algorithms and protocols.
Yeah, I second that. I was thinking of limiting it to a well known set
to be backdoored. E.g., OpenSSL, OpenSSH, IPSec.
iang
PS: But I do agree with Jon. There is a non-trivial chance that this is
just those guys futzing with our minds and sending us on a wildgoose
chase. Maybe they discovered that wikileaks is using OpenBSD or the
Iranian centrifuges are about to roll out on it or the Chinese have
mandated it for all secure stuff ... Hours of fun!
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
