On Sep 07, 2007, at 01:14:09, Trond Myklebust wrote:
A fully self-certifying system that can prevent any attack is
impossible to achieve. If I have the device and can devote as many
hours as I want to breaking into it, there is exactly ZERO way to
prevent that, aside from encrypting things and not giving out the key
(which sorta makes it useless but is precisely the point of real
crypto).
There is a HUGE difference between "I don't want the end-user to hack
into this" and "The end-user wants a certain degree of assurance that
his data can't be compromised". In the former case (IE: DRM) you are
NOT using cryptography because you are giving the user: (A) the data,
(B) the algorithm, and (C) the key, which means they can decrypt it
ANY TIME THEY WANT. In the latter case the attacker DOES NOT have
the key and virtually all of the attacks are forms of "How do I get the
key?". The end-user is REQUIRED to provide an appropriate level of
physical security based on the nature of the data; if I'm that
worried about somebody substituting my /boot CD, then I'm going to
make DAMN sure that I keep it on my person at all times.
So you can't draw any relationships between "Protect the end-user"
and "Protect the device FROM the end-user"; the former can be done
very reliably to whatever level of risk-reduction you need and the
latter can't practically be done at all.
Cheers,
Kyle Moffett