At 5:43 AM 3/12/96 -0500, Gary Howland wrote:
On Mon, 11 Mar 1996, Gary Howland wrote:
root access to the system, something like "strings /dev/kmem" could narrow the search for the passphrase down significantly. Of course one could obfuscate the passphrase by XOR'ing it with 0x80, but that's only security through obscurity.
Sure, _if_ they were able to gain root access without rebooting the machine, but the usual scenario is that the filth turn up with black bin liners, not men from the NSA.
The bottom line of all cryptography is that there is something that must be kept secret. Since it must be kept secret, there is always a significant level of paranoia about the means to keep the secret. For example, one could imagine an attacker attaching a logic analyzer to the CPU chip, unloading the on-chip caches and then rummaging thru the system memory for the secret. One of the reasons classical (government) crypto users change keys frequently is to minimize the amount of data compromised by a broken key. We keep hearing about NSA decrypting 20 year old cyphertext and showing more of the workings of the atomic spy rings operating in the 40s and 50s. If an opponent can rubber hose the key, her job is easy. If she has to perform cryptanalysis, it is much harder. Remailers should regularly change their keys to avoid compromising previously recorded traffic. (They can have a long lived key for signing their traffic keys.)

Regards - Bill

------------------------------------------------------------------------
Bill Frantz       | The CDA means     | Periwinkle -- Computer Consulting
(408)356-8506     | lost jobs and     | 16345 Englewood Ave.
frantz@netcom.com | dead teenagers    | Los Gatos, CA 95032, USA
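The key-rotation scheme Bill sketches (a long-lived identity key that only signs, plus short-lived traffic keys that are thrown away) can be shown in a few dozen lines. The following is an added illustration written for this page, not code from Bill Frantz, Gary Howland or any remailer of the period; the names Remailer, Rotate, Announce, DeriveSessionKey and SessionKey, and the choice of Ed25519 for the signing key and X25519 for the traffic key, are assumptions made for the example. Clients verify each announced traffic key against the pinned identity key before using it, and once the remailer rotates, the old epoch's private key is gone, so traffic recorded under it cannot be recovered from the remailer even if its memory is later dumped.

```go
package main

import (
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Remailer holds the long-lived identity (signing) key and the traffic key
// for the current epoch only. Older traffic keys are never retained.
type Remailer struct {
	identityPub  ed25519.PublicKey
	identityPriv ed25519.PrivateKey
	epoch        uint64
	trafficPriv  *ecdh.PrivateKey
}

// TrafficKeyAnnouncement is what the remailer publishes each epoch: the epoch
// number, the X25519 public key, and the identity key's signature over both.
type TrafficKeyAnnouncement struct {
	Epoch      uint64
	TrafficPub []byte
	Signature  []byte
}

// announcementBytes is the byte string the identity key signs. Binding the epoch
// into the signed data stops an old announcement being replayed as a new one.
func announcementBytes(epoch uint64, pub []byte) []byte {
	b := make([]byte, 8+len(pub))
	binary.BigEndian.PutUint64(b, epoch)
	copy(b[8:], pub)
	return b
}

// sessionKey derives a symmetric key from the X25519 shared secret and the epoch.
func sessionKey(epoch uint64, shared []byte) []byte {
	h := sha256.New()
	h.Write(announcementBytes(epoch, shared))
	return h.Sum(nil)
}

// NewRemailer creates the identity key and the first traffic key.
func NewRemailer() (*Remailer, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	r := &Remailer{identityPub: pub, identityPriv: priv}
	return r, r.Rotate()
}

// IdentityKey is the long-lived public key clients pin.
func (r *Remailer) IdentityKey() ed25519.PublicKey { return r.identityPub }

// Rotate replaces the traffic key. Dropping the old *ecdh.PrivateKey is all this
// toy does; real code should also overwrite the key bytes in memory.
func (r *Remailer) Rotate() error {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return err
	}
	r.trafficPriv = priv
	r.epoch++
	return nil
}

// Announce publishes the current traffic key under the identity key's signature.
func (r *Remailer) Announce() TrafficKeyAnnouncement {
	pub := r.trafficPriv.PublicKey().Bytes()
	sig := ed25519.Sign(r.identityPriv, announcementBytes(r.epoch, pub))
	return TrafficKeyAnnouncement{Epoch: r.epoch, TrafficPub: pub, Signature: sig}
}

// DeriveSessionKey is the client side: refuse any traffic key the pinned identity
// key did not sign, then run X25519 with a fresh ephemeral key.
func DeriveSessionKey(identityPub ed25519.PublicKey, ann TrafficKeyAnnouncement) (ephemeralPub, key []byte, err error) {
	if !ed25519.Verify(identityPub, announcementBytes(ann.Epoch, ann.TrafficPub), ann.Signature) {
		return nil, nil, errors.New("traffic key not signed by remailer identity key")
	}
	remotePub, err := ecdh.X25519().NewPublicKey(ann.TrafficPub)
	if err != nil {
		return nil, nil, err
	}
	eph, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	shared, err := eph.ECDH(remotePub)
	if err != nil {
		return nil, nil, err
	}
	return eph.PublicKey().Bytes(), sessionKey(ann.Epoch, shared), nil
}

// SessionKey is the remailer side. Only the current epoch can be opened; a
// message (or a recording) from an earlier epoch has no key left to match it.
func (r *Remailer) SessionKey(epoch uint64, ephemeralPub []byte) ([]byte, error) {
	if epoch != r.epoch {
		return nil, fmt.Errorf("epoch %d traffic key has been discarded; current epoch is %d", epoch, r.epoch)
	}
	pub, err := ecdh.X25519().NewPublicKey(ephemeralPub)
	if err != nil {
		return nil, err
	}
	shared, err := r.trafficPriv.ECDH(pub)
	if err != nil {
		return nil, err
	}
	return sessionKey(epoch, shared), nil
}

func main() {
	r, _ := NewRemailer()
	ann := r.Announce()
	ephPub, clientKey, _ := DeriveSessionKey(r.IdentityKey(), ann)
	serverKey, _ := r.SessionKey(ann.Epoch, ephPub)
	fmt.Printf("epoch %d keys agree: %v\n", ann.Epoch, string(clientKey) == string(serverKey))
	r.Rotate()
	_, err := r.SessionKey(ann.Epoch, ephPub)
	fmt.Println("after rotation:", err)
}
```

The split mirrors Bill's parenthetical: the identity key never encrypts anything, so compromising it later lets an attacker forge future announcements but not read past traffic, while each traffic key is only ever held for one epoch. Clients should reject any announcement whose epoch goes backwards, which this toy leaves to the caller.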