Dave Farber
2018-08-17 02:10:55 UTC
Date: August 17, 2018 at 10:40:45 GMT+9
Subject: Re: [IP] God Mode backdoors
Dave and all,
This modus operandi was explained already, by Ken Thompson in "Reflections on Trusting Trust," and at The Witness-Voting System, in my opening chapter in the book "Towards Trustworthy Elections, New Directions in Electronic Voting", published by Springer Verlag.
User verifiability, transaction secrecy, and voting have to do with what is accessible to a CPU, or even blockchain technology, as banking front-end has to do with back-end services, nothing, and due to security design reasons, such as finding and exploiting security loopholes.
It does not even depend on key size or biometrics. In breaches, offenders and attackers can be state actors, modelled as having "infinite" resources, in practice as unlimited as needed. This revelation confirms it, but is not news.
What is needed is a method safe from machines, a cabal in collusion, extra-legal powers, etc., and that is provided not by encryption alone, ring-0, or assuring that there are no hash collisions (there are!), but by InformationTheory methods. This is discussed in the article, with research copies available by request.
Cheers,
Ed Gerck
-------------------------------------------Subject: Re: [IP] God Mode backdoors
Dave and all,
This modus operandi was explained already, by Ken Thompson in "Reflections on Trusting Trust," and at The Witness-Voting System, in my opening chapter in the book "Towards Trustworthy Elections, New Directions in Electronic Voting", published by Springer Verlag.
User verifiability, transaction secrecy, and voting have to do with what is accessible to a CPU, or even blockchain technology, as banking front-end has to do with back-end services, nothing, and due to security design reasons, such as finding and exploiting security loopholes.
It does not even depend on key size or biometrics. In breaches, offenders and attackers can be state actors, modelled as having "infinite" resources, in practice as unlimited as needed. This revelation confirms it, but is not news.
What is needed is a method safe from machines, a cabal in collusion, extra-legal powers, etc., and that is provided not by encryption alone, ring-0, or assuring that there are no hash collisions (there are!), but by InformationTheory methods. This is discussed in the article, with research copies available by request.
Cheers,
Ed Gerck
Archives: https://www.listbox.com/member/archive/247/=now
Modify Your Subscription: https://www.listbox.com/member/?member_id=26461375
Unsubscribe Now: https://www.listbox.com/unsubscribe/?member_id=26461375&id_secret=26461375-c2b8a462&post_id=20180816221105:CA0C4770-A1C2-11E8-BF39-E96329A5D8F1
Powered by Listbox: https://www.listbox.com