Faking crypto chips for public algorithms is theoretically more difficult, because it's simple to create a DES_verify routine to make sure your DES chip is working right.
a) chips do not need makeup
b) t'were me, I would just fix the chip so that instead of 2^56 (DES) keys or whatever, the PRNG was "fixed" so that the total keyspace was only 2^32 for instance. Enough to be nearly impossible to check but small enough for a brute force engine to zip through in seconds *if you knew the algorithm*.

The nice thing about an implementation in software is that the code can be examined for just this sort of thing *on a randomly selected operating unit*. - hard to do with a chip.

Warmly,
Padgett
a. huh?
b. I was assuming something similar to the Sun /dev/des, which is basically invoked as

    int cbc_crypt(key, data, datalen, mode, ivec)
                  ^^^

If your chip is doing key generation for you, then testing is tougher.

Adam

A. Padgett Peterson P.E. Information Security wrote:
| > Faking crypto chips for public algorithms is theoretically
| >more difficult, because it's simple to create a DES_verify routine to make
| >sure your DES chip is working right.
|
| a) chips do not need makeup
| b) t'were me, I would just fix the chip so that instead of 2^56 (DES) keys
| or whatever, the PRNG was "fixed" so that the total keyspace was only 2^32
| for instance. Enough to be nearly impossible to check but small enough

--
"It is seldom that liberty of any kind is lost all at once."
    -Hume
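
Added example, not part of either message: when a device generates keys itself, one black-box check is to pull many keys and count repeats, since by the birthday approximation a 2^32 keyspace produces repeats within a few hundred thousand draws while a 2^56 keyspace does not. The two generator functions are constructed stand-ins for a device under test, and the sample size and seed are assumptions.

```python
import hashlib
import math
import random

KEY_BITS = 56  # effective DES key length


def expected_repeats(n, bits):
    """Birthday approximation: expected repeats in n uniform draws from 2**bits."""
    return n * (n - 1) / (2 * 2 ** bits)


def count_repeats(keys):
    """Number of draws that duplicated an earlier key."""
    keys = list(keys)
    return len(keys) - len(set(keys))


def estimated_keyspace_bits(n, repeats):
    """Invert the birthday approximation; None when no repeat was observed."""
    if repeats == 0:
        return None
    return math.log2(n * (n - 1) / (2 * repeats))


# Constructed stand-ins for the device under test (hypothetical, demo only).
def full_keygen(rng):
    return rng.getrandbits(KEY_BITS).to_bytes(7, "big")


def narrowed_keygen(rng):
    # Key looks 56 bits wide but is derived from only 32 bits of state.
    state = rng.getrandbits(32).to_bytes(4, "big")
    return hashlib.sha256(state).digest()[:7]


def audit(keygen, n=400_000, seed=1):
    """Draw n keys and return (repeats seen, estimated keyspace in bits)."""
    rng = random.Random(seed)  # fixed seed so the demo is repeatable
    repeats = count_repeats(keygen(rng) for _ in range(n))
    return repeats, estimated_keyspace_bits(n, repeats)


if __name__ == "__main__":
    for name, gen in (("full", full_keygen), ("narrowed", narrowed_keygen)):
        print(name, audit(gen))
```

The check only sees a narrowed keyspace when enough keys can be extracted from one unit; zero repeats bounds the keyspace from below rather than proving it is full.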