[Cryptography] upgrade mechanisms and policies

Tom Mitchell mitch at niftyegg.com
Fri Apr 17 15:48:22 EDT 2015


On Fri, Apr 17, 2015 at 11:50 AM, Ryan Carboni <ryacko at gmail.com> wrote:
>
> On Fri, Apr 17, 2015 at 2:15 AM, <alex at alten.org> wrote:
>
>>
>> Agreed, now AES is shipping with almost every Intel processor (the AES-NI
>> instruction set).  The only problem is most programmers don't want to deal
>> with the extra headache of managing the crypto data keys.
>>
>> 2010: Release of first processors with AES-NI.
> 2011: Full biclique attack on AES.
>
> AES likely has a security level equal to that of Skipjack, but
>

Perhaps a larger risk is an update of worthy software to
compromised software.

I just updated the BIOS on an older laptop from Windows, then scratched my
head.

By all measures there should be a physical lock for the update to
any device involved in critical security tasks which includes devices
that could side door a network.  Some of us are old enough to have
bootstrapped computers from a front panel and yellow paper tape
or burned and replaced EEPROM devices and mostly ignore bootstrap
hardening issues.

Without some local physical security the risk of a compromised software
update is vastly greater than a compromised crypto standard algorithm.

The update could be targeted or widely abused.  Targeted abuses are
difficult to notice.

The trusted bootstrap tools of today seem to be used as much or more to
control markets than they are used to sustain security.   Unshared compromised
key leaks enable targeted attacks.   Shared they risk national
infrastructure.

Full circle,  Secured boot is perhaps in need of review.  How can hardware
and bootstrap media to restore the OS both get updated as needed?



-- 
  T o m    M i t c h e l l