Re the debate over whether compilers reliably produce identical object (executable) files: The measurement and hashing in TCPA/Palladium will probably not be done on the file itself, but on the executable content that is loaded into memory. For Palladium it is just the part of the program called the "trusted agent". So file headers with dates, compiler version numbers, etc., will not be part of the data which is hashed. The only thing that would really break the hash would be changes to the compiler code generator that cause it to create different executable output for the same input. This might happen between versions, but probably most widely used compilers are relatively stable in that respect these days. Specifying the compiler version and build flags should provide good reliability for having the executable content hash the same way for everyone. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
Date: Fri, 9 Aug 2002 19:30:09 -0700 From: AARG!Anonymous <remailer@aarg.net>
Re the debate over whether compilers reliably produce identical object (executable) files:
The measurement and hashing in TCPA/Palladium will probably not be done on the file itself, but on the executable content that is loaded into memory. For Palladium it is just the part of the program called the "trusted agent". So file headers with dates, compiler version numbers, etc., will not be part of the data which is hashed.
The only thing that would really break the hash would be changes to the compiler code generator that cause it to create different executable output for the same input. This might happen between versions, but probably most widely used compilers are relatively stable in that respect these days. Specifying the compiler version and build flags should provide good reliability for having the executable content hash the same way for everyone.
A trivial observation: this cannot be true across hardware platforms. TCPA claims to be "platform and OS agnostic", but Palladium does not. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
On Sat, 10 Aug 2002, R. Hirschfeld wrote:
A trivial observation: this cannot be true across hardware platforms.
Untrue, just use a VM. Open Boot Forth would do nicely.
TCPA claims to be "platform and OS agnostic", but Palladium does not.
Have fun in that there tarpit.
participants (3)
-
AARG!Anonymous
-
Eugen Leitl
-
R. Hirschfeld