[Cryptography] Lavabit's and Snowden's Solos
Henry Baker
hbaker1 at pipeline.com
Mon Mar 21 20:51:11 EDT 2016
At 04:43 PM 3/21/2016, Tom Mitchell wrote:
>Side channel attacks? Remove all equal time code for crypto functions. Remove
>all manner of bugs not related to the crypto but to the implementation framework. Remove time
>consuming functions that slow access testing. Compile O0?
Good luck detecting 'crypto functions'. It's undecidable what a 'crypto function' is.
Ever hear of Return-Oriented Programming?
Get ready for some seriously obfuscated crypto code.
Private Information Retrieval (PIR) and Oblivious Transfer (OT) are currently slow,
but watch them blossom when the rights of free people are pissed on.
Fully-Homomorphic Encryption (FHE) is coming along, albeit slowly. But it will make
phenomenally quick strides if an attempt is made to do something like what you suggest.
Basically, all hacks are two-edged swords: they can be used by both the bad guys and the
good guys (good luck trying to figure out which is which anymore!).
More information about the cryptography
mailing list