[Cryptography] GHCQ Penetration of Belgacom

Dennis E. Hamilton dennis.hamilton at acm.org
Tue Dec 23 18:00:46 EST 2014


 -- in reply to --
From: cryptography [mailto:cryptography-bounces+dennis.hamilton=acm.org at metzdowd.com] On Behalf Of Guido Witmond
Sent: Tuesday, December 23, 2014 02:23
To: cryptography at metzdowd.com
Subject: Re: [Cryptography] GHCQ Penetration of Belgacom

On 12/22/14 15:54, ianG wrote:

> When I was young enough to be a uni student there was a lot of research
> into hardware reliability and the notion of having alternate hardware
> implementations vote on results.  I thought it all a bit of a woftam, but
> I wonder to what extent this research was encouraged by the knowledge
> that these sorts of attacks could be practical threats?

I remember a story that early time computers were so unreliable that
programmers did a multiplication directly after a division to verify the
result.

<orcnote>
   I believe there was hardware that did this for addition and subtraction,
   with all of the operations working in decimal serial, not unlike you
   and I using common pencil-and-paper methods for arithmetic, including
   multiplication and division.  
      
   For the programmed check-on multiplications and divisions, I wonder
   how often a problem was detected and what was done about it. 
</orcnote>

Voting on results is a common technique in aircraft and other
environments with low tolerance to failure due to wear, electrical
glitches, cosmic radiation, etc.

Crypto could be seen as low tolerance to failure. However, verification
appears to be impossible: proof that there is no leak of key material...


Regards, Guido.



