[cap-talk] Covert channels (was Re: Capabilities for immutable data)
Bill Frantz
frantz at pwpconsult.com
Sun Feb 20 20:33:18 PST 2011
On 2/20/11 at 6:43 PM, daw at cs.berkeley.edu (David Wagner) wrote:
>With confidentiality and covert channels, I can articulate a security
>claim, but without trusting all code that has access to the confidential
>data, I don't know how to be sure that I've achieved the security claim
>or not. My ability to know whether I've achieved the security claim is
>limited by inherent unsoundness in the patterns of reasoning we use.
I don't even know how I can gain trust in code that has access
to confidential data.
Covert channels and side channel analysis are really the same
animal. We assume a willing sender with a covert channel and an
inadvertent sender with a side channel. But we really don't have
any idea of how many modulation schemes there are that we
haven't thought of. The RSA implementations that leak keys
weren't written to try to leak the key.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz | Snow shuts down federal | Periwinkle
(408)356-8506 | government, life goes on. | 16345
Englewood Ave
www.pwpconsult.com | - Associated press 2/9/2010 | Los Gatos,
CA 95032
More information about the cap-talk
mailing list