@garrettr_ @flamsmark @micahflee How would you verify that the smart card is executing the audited code, and not some other code?
-
-
Replying to @BRIAN_____
@BRIAN_____@garrettr_@flamsmark@micahflee You compile and load it yourself. That's what we advocate at least: https://subgraph.com/cards2 replies 0 retweets 1 like -
Replying to @bleidl
@bleidl@BRIAN_____@garrettr_@flamsmark@micahflee Card OS backdoors?eg "if selected applet == OpenPGP AID, enable side-channel leaks"1 reply 0 retweets 0 likes -
Replying to @randomoracle
@randomoracle@BRIAN_____@garrettr_@micahflee Yes, as I admitted last time we had this argument, malicious OS (& ASIC) is possibility3 replies 0 retweets 1 like -
Replying to @bleidl
@bleidl@randomoracle@garrettr_@micahflee Could Snowden today order a smartcard online, follow your instructions, & be confidently secure?2 replies 0 retweets 1 like -
Replying to @BRIAN_____
@BRIAN_____@randomoracle@garrettr_@micahflee I can't say for sure, obviously. What attacks are you considering?1 reply 0 retweets 0 likes -
Replying to @bleidl
@BRIAN_____@randomoracle@garrettr_@micahflee I think one way to reason about this is to design hypothetical backdoors in RSA primitives3 replies 0 retweets 0 likes -
Replying to @bleidl
@bleidl@randomoracle@garrettr_@micahflee Also fault injections and other attacks that let you get the private key w/ physical possession.1 reply 0 retweets 1 like -
Replying to @BRIAN_____
@BRIAN_____@randomoracle@garrettr_@micahflee Fault injection is an attack under assumption that you can already decrypt anything you want2 replies 0 retweets 0 likes -
Replying to @bleidl
@bleidl@BRIAN_____@garrettr_@micahflee What about fault injection during PIN check to force branch & make card accept wrong PIN?2 replies 0 retweets 2 likes
@randomoracle @bleidl @garrettr_ @micahflee Yes, this is what I meant.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.