Re: Designing and implementing malicious hardware

2008-04-29 Thread COMINT
There are high assurance systems that exist that do exactly this. There
are two different implementations of the security unit processing the
same data. The outputs are compared by a separate high assurance and
validated module that enters into an alarm mode should the outputs
differ.

However, these are generally costly affairs (you need to pay two
implementation teams, etc.) and therefore remain the luxury of only the
most critical systems.


For hardware, this
 would mean running multiple chips in parallel checking each other's
 states/outputs.  Architectures like that have been built for
 reliability (e.g., Stratus), but generally they assume identical
 processors.  Whether you can actually build such a thing with
 deliberately different processors is an open question.

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Double Encryption Q

2008-04-16 Thread COMINT
Quick system scenario:

You have packet [A].

It gets encrypted using an AES algo in a particular mode and we are
left with [zA].

More data [B] is added to that encrypted packet.

Now I have [zA]+[B] in one packet and I re-encrypt it with the same
algo/key/mode.

Have I just compromised the security somehow? I wasn't aware of
anything but something about this double encryption made something
ring in my mind so I wanted to double check...

Many thanks,

Mr Pink



RNG for Padding

2008-03-15 Thread COMINT
Hi,

This may be out of the remit of the list, if so a pointer to a more
appropriate forum would be welcome.

In Applied Crypto, the use of padding for CBC encryption is suggested
to be met by ending the data block with a 1 and then all 0s to the end
of the block size.

Is this not introducing a risk as you are essentially introducing a
large amount of guessable plaintext into the ciphertext?

Is it not wiser to use RNG data as the padding, and using some kind of
embedded packet size header to tell the system what is padding?

Thanks for your suggestions,

Mr Pink
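
The two framings compared in the message above, written out as an added example (not part of the original post): the 1-then-0s padding and a length header followed by random fill, each with an unpadder that rejects malformed input. The function names, the 16-byte block size and the 4-byte big-endian length header are assumptions made for illustration; only the framing is shown, no cipher is applied.

```python
import os
import struct

BLOCK = 16  # assumed block size in bytes (AES-sized); the post does not give one


def pad_one_zeros(data: bytes, block: int = BLOCK) -> bytes:
    """A single 1 bit (0x80 for byte-aligned data), then 0 bits up to the block boundary."""
    fill = block - len(data) % block  # 1..block bytes, so a marker is always present
    return data + b"\x80" + b"\x00" * (fill - 1)


def unpad_one_zeros(padded: bytes, block: int = BLOCK) -> bytes:
    """Strip trailing zeros and the 0x80 marker, rejecting malformed input."""
    if not padded or len(padded) % block:
        raise ValueError("length is not a positive multiple of the block size")
    first = len(padded) - block  # index where the final block starts
    end = len(padded) - 1
    while end >= first and padded[end] == 0:
        end -= 1
    if end < first or padded[end] != 0x80:
        raise ValueError("no padding marker in the final block")
    return padded[:end]


def pad_random(data: bytes, block: int = BLOCK) -> bytes:
    """4-byte big-endian payload length, the payload, then random fill bytes."""
    body = struct.pack(">I", len(data)) + data
    return body + os.urandom(-len(body) % block)  # 0..block-1 fill bytes


def unpad_random(padded: bytes, block: int = BLOCK) -> bytes:
    """Use the length header to discard the fill, rejecting inconsistent headers."""
    if len(padded) < 4 or len(padded) % block:
        raise ValueError("length is not a positive multiple of the block size")
    (n,) = struct.unpack(">I", padded[:4])
    fill = len(padded) - 4 - n
    if not 0 <= fill < block:
        raise ValueError("length header inconsistent with packet size")
    return padded[4:4 + n]


if __name__ == "__main__":
    msg = b"constructed sample payload"  # constructed input, 26 bytes
    for pad, unpad in ((pad_one_zeros, unpad_one_zeros), (pad_random, unpad_random)):
        framed = pad(msg)
        assert unpad(framed) == msg
        print(f"{pad.__name__}: {len(framed)} bytes, tail={framed[-6:].hex()}")
```
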
