The security characteristics of crypto modules with secrets
Eric Hughes
eric at remailer.net
Wed Feb 1 08:54:28 PST 1995
The advantage of a secure crypto module on an insecure server (or
router or whatever) is in limiting the scope of successful attack.
Just to expand on this, the scope is limited in _time_, not space.
That's, when you pull out the module (literally or figuratively), the
attack is known to be over -- and don't plug it back into a machine of
unknown state.
The main important
difference between this attack and just learning the server's secret
is that it only remains useful as long as the attack is undiscovered.
Yes. Typically, once the attack is discovered, the method used in the
attack is also discovered. The particular hole is then patched. The
system can now be put back online without fear of immediate
re-compromise.
Eric
More information about the cypherpunks-legacy
mailing list