[Cryptography] retro crypto
Jerry Leichter
leichter at lrw.com
Wed Jan 8 20:29:04 EST 2020
> Using 1970s technology, you can build a cipher machine on
> rotor-like principles. It has the virtue of "not running
> any kind of malware because it can't".
>
> For example: Use LFSRs (linear feedback shift registers)
> to drive the address lines on a bunch of EPROMs. XOR the
> EEPROM outputs. <Hardware design omitted>
This is a neat design, though it illustrates how security is a property of the system, not of one part of the system. You have a black box that implements a cryptographic algorithm of some level of security, and does little else. It can run at the speed of a reasonable comm link. How do you get keys into it? With the speed of modern comm links, almost any cryptographic algorithm really will need the keys changed on a reasonably frequent basis. And how do you handle the plaintext? The plaintext that flows into and out of that black box these days goes to a general-purpose computer, vulnerable to all that malware you've carefully excluded from the black box.
I know you aren't suggesting that this has much practical use - it's just a nice exercise. It strikes me as attractive to the same kind of people who won't use the built-in AES instructions on their hardware because "maybe the NSA bugged it" but proceed to use the same hardware to handle the keys, the plaintext - or even implement AES "securely" themselves. The list of threats such approaches actually protect against is rather short....
-- Jerry