[Cryptography] Other obvious issues being ignored?
Bill Frantz
frantz at pwpconsult.com
Wed Oct 21 10:26:29 EDT 2015
On 10/20/15 at 8:40 PM, leichter at lrw.com (Jerry Leichter) wrote:

>I wonder how the NSA writes its security-related code?

Assembler is your friend.

With fewer hardware architectures now than in the past, it is
actually practical to write separate assembler routines for each
architecture to perform simple tasks like clearing sensitive data.

With RISC architectures it is probably impossible to write code
which keeps sensitive data out of registers and therefore out of
kernel memory on task switch. Is it possible on the X86
architecture? In any case, assembler will offer higher assurance
of what the code actually does than any compiled language.

The key here is to keep the assembler code simple enough that
you can get reasonable assurance of correctness. Saying
assurance of correctness is, of course, opening a can of worms.
The proof people argue that proof is good enough. People like me
disagree, but do think proofs are useful because they provide
another way of looking at code. For some attacks, like the Linux
"if ((userno = 0)) ..." attack, which was almost committed to
the source tree, assembler may actually be easier to check.

I will note that there have been systems which automatically
checked machine code for certain characteristics. The one I have
heard of permitted untrusted code to run in an operating system
kernel. It checked for termination by assuring there were no
backward branches, and for safety by assuring there were no
stores. (The result was returned in a register.) These are
severe limitations on coding style, but still permitted the
untrusted code to do useful things.

This experience shows that you don't have to accept every
program which is actually safe, that you can impose some fairly
severe limitations on coding style, you can still do useful
work, and you can get significant assurance advantages.

Cheers - Bill

---------------------------------------------------------------------------
Bill Frantz        |"Web security is like medicine - trying to do good for
408-356-8506       |an evolved body of kludges" - Mark Miller
www.pwpconsult.com |
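
The kind of machine-code check described in the message above (no backward branches, no stores, result in a register), sketched as an added example; it is not code from the post or from the system the post refers to. The toy instruction set, the names `verify` and `run`, and the sample programs are all constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed toy instruction set with one accumulator register. */
enum op { OP_LOADI, OP_ADD, OP_JMP, OP_JZ, OP_STORE, OP_RET };
struct insn { enum op op; int32_t arg; }; /* arg: immediate, address, or jump offset */

enum verdict { V_OK, V_EMPTY, V_BAD_OPCODE, V_STORE, V_BACKWARD_BRANCH,
               V_BRANCH_OUT_OF_RANGE, V_NO_FINAL_RET };

/* Accept only programs that must terminate and never write memory.
 * A jump at pc goes to pc + 1 + arg, so arg < 0 is a backward branch. */
enum verdict verify(const struct insn *prog, size_t n)
{
    if (n == 0) return V_EMPTY;
    for (size_t pc = 0; pc < n; pc++) {
        switch (prog[pc].op) {
        case OP_LOADI: case OP_ADD: case OP_RET:
            break;
        case OP_STORE:
            return V_STORE;                       /* safety: no stores */
        case OP_JMP: case OP_JZ:
            if (prog[pc].arg < 0) return V_BACKWARD_BRANCH;
            if ((size_t)prog[pc].arg >= n - pc - 1) return V_BRANCH_OUT_OF_RANGE;
            break;
        default:
            return V_BAD_OPCODE;
        }
    }
    /* pc only increases and stays in range, so execution must hit a RET. */
    return prog[n - 1].op == OP_RET ? V_OK : V_NO_FINAL_RET;
}

/* Interpreter for verified programs only; the result comes back in the register. */
uint32_t run(const struct insn *prog, size_t n)
{
    uint32_t acc = 0;
    for (size_t pc = 0; pc < n; pc++) {
        const struct insn *i = &prog[pc];
        if (i->op == OP_LOADI) acc = (uint32_t)i->arg;
        else if (i->op == OP_ADD) acc += (uint32_t)i->arg;
        else if (i->op == OP_JMP || (i->op == OP_JZ && acc == 0)) pc += (size_t)i->arg;
        else if (i->op == OP_RET) break;
    }
    return acc;
}

/* Constructed sample programs. */
const struct insn ok_prog[]    = { {OP_LOADI, 0}, {OP_JZ, 1}, {OP_ADD, 7}, {OP_ADD, 3}, {OP_RET, 0} };
const struct insn loop_prog[]  = { {OP_LOADI, 1}, {OP_ADD, 1}, {OP_JMP, -2}, {OP_RET, 0} };
const struct insn store_prog[] = { {OP_LOADI, 9}, {OP_STORE, 64}, {OP_RET, 0} };
```

The verifier rejects `loop_prog` and `store_prog` without running them; a loop with a provably small bound would also be rejected, which is the trade of expressiveness for assurance the message describes.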