Tamperproof devices and backdoors

Matt Blaze mab at research.att.com
Fri May 25 09:50:36 EDT 2001

> > On the Other Other Hand, I vaguely remember a neat paper by Matt Blaze
> > some years ago that shows that certain classes of back doors, like
> > "good" back doors in conventional crypto systems, are equivalent in
> > difficulty to building a public key system. Anyone remember the name
> > of the paper and the exact content?
> Skimming the papers on his web page, I would guess it's related to
> M. Blaze, J. Feigenbaum and F.T. Leighton, "Master-Key Cryptosytems."
> Abstract presented at Crypto '95 (rump session), Santa Barbara, CA, August
> 1995
> http://www.crypto.com/papers/mkcs.ps
> which opens by defining a "Master-Key Cryptosystem" and then goes on to
> show that a MKCS implies a PKCS. The public key is the cryptosystem with a
> back door. The private key is the back door/master key.

That's it.  I vaguely recall paper about a year or two ago by, I think,
Bart Preenel, that expanded on a similar idea.  I don't think it cited
our MKCS tech report, so I presume he wasn't aware of it and took a slightly
different direction.

Anyway, the MKCS work refers to backdoors in algorithms, which isn't at all
the same as the problem of inserting or discovering backdoors in hardware
or, for that matter, software.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list