At 11:52 AM 2/25/96 -0800, Timothy C. May wrote:

At 4:47 PM 2/25/96, "A. Padgett Peterson P.E. Information Security"

...

The nice thing about am implimentation in software is that the code can be examined for just this sort of thing *on a randomly selected operating unit*. - hard to do with a chip.

But of course one's compiler may have been subverted, as Ken Thompson showed some years back. Software implementations are sensitive to different sorts of attacks than hardware implementations are.

These things do not need to be verified at the source level. One could verify the output of the compiler and then publish a secure hash of it. (What an tedious job.) There is infinite regress in these things, but I would tend to trust a program which verified the secure hash of the crypto system if that program was written after I received the release of the compiler I am compiling it with. Regards - Bill ------------------------------------------------------------------------ Bill Frantz | The CDA means | Periwinkle -- Computer Consulting (408)356-8506 | lost jobs and | 16345 Englewood Ave. frantz@netcom.com | dead teenagers | Los Gatos, CA 95032, USA