RPOW - Reusable Proofs of Work
Taral
taral at taral.net
Mon Aug 16 16:52:51 EDT 2004
On Sun, Aug 15, 2004 at 02:36:51PM -0400, R. A. Hettinga wrote:
> The new concept in the server is the security model. The RPOW server
> is running on a high-security processor card, the IBM 4758 Secure
> Cryptographic Coprocessor, validated to FIPS-140 level 4. This card
> has the capability to deliver a signed attestation of the software
> configuration on the board, which any (sufficiently motivated) user
> can verify against the published source code of the system. This lets
> everyone see that the system has no back doors and will only create RPOW
> tokens when supplied with POW/RPOW tokens of equal value.
Just a quick sanity check for me... what stops you simply faking this
"attestation" and running a compromised system?
--
Taral <taral at taral.net>
This message is digitally signed. Please PGP encrypt mail to me.
"Some people cause happiness wherever they go; others, whenever they go."
-- Oscar Wilde
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20040816/62c64fda/attachment.pgp>
More information about the cryptography
mailing list