Why I have a 512 bit PGP key

[Ian Farquhar]

On Dec 27,  8:54pm, Eric Hughes wrote:
>    I take it you mean recompile the binary every time?  Because you'd
>    need to have source around to recompile it from, and the attacker
>    could modify that source even more easily than he or she could hack
>    the binary.  The idea is to make tampering with the binary detectable.

> Recompile the binary from newly uploaded source each time.  MD5 source
> isn't more than about 10K long.  That's all of a few seconds of upload
> time.

Irritating, and also insecure (system admin intercepts the upload and
replaces it with source of his or her own).

As has been stated, it's a matter of defining a threat model.  IMO,
the most likely threat is from pass phrase grabbing (from a sniffer,
annex box or whatever), which destroys the security of almost all of
these schemes.  Modification attacks are possible, although I doubt
that the lengths I have described would be useful.

As a serious project, though, a personal version of tripwire would
not be a bad cypherpunk project, and possibly a nice testbed for working
out some anti-tampering techniques.

>    I am pretty much certain that to make such
>    a system perfectly secure under these conditions is impossible.

> That's right.

Is there a standard proof for this, though?  I suspect that there is, but
have not discovered it.

							Ian.