[Cryptography] Trust & randomness in computer systems

Arnold Reinhold agr at me.com
Thu Mar 17 18:00:03 EDT 2016


On  Wed, 16 Mar 2016 09:07 Henry Baker wrote:

> I've come around to Dan Geer's way of thinking:
> look to biological systems.  They've been dealing
> with "security" problems for perhaps 2 billion
> years, so there's some chance that they have
> some tricks up their microscopic sleeves.

Here is a link to a paper I submitted back in 1989 that analyzes one section of the biological immune system from a cryptographic point of view:

   https://www.researchgate.net/publication/239937720_On_the_Function_of_MHC-Antigen_Specificity 

It discuss why humans reject organ transplants from other humans so aggressively—after all invasion by other human organs is not a threat found nature. It turns out cells in humans (and other animals) take apart used proteins on a regular basis, and present a subset of all possible protein fragments on the cell surface for inspection by a certain type of white blood cell. Cells presenting fragments that appear foreign are attacked by white cells. The subset of protein fragments that are presented varies between individuals, effectively creating a password for that individual. The genes that control this password, the Major Histocompatiblity Complex (MHC), are randomized during sexual reproduction. So a virus that evolves to evade this system in one individual is not likely to successfully evade it in a different individual. As a side effect, tissue transplanted from another individual is unlikely to have the right password. Tissue matching looks for donors who have similar passwords. My analysis suggests that the password space is limited by a trade off between the stringency of the checking system and the process, early in life, of training white blood cells to ignore self-protein fragments. Failures in this training can result in auto-immune disease.

The possible lesson for computer security might be increased diversity. For example, anti-virus companies might ship different detection vectors to different subsets of customers, so virus authors would not necessarily know what vectors are out there (though collecting them all might not be that hard). Another idea inspired by this is processors with different (permuted) opcodes. The compiler or loader would have to know the opcode table for the target computer.  A virus that gets into one machine won’t run on most others. The opcode space might be larger than needed to express all instructions, so an attacker could not just create a bunch of viruses with different combinations of opcodes to see which one worked. 

Arnold Reinhold


More information about the cryptography mailing list