encrypted code

Christopher Browne cbbrowne-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Tue Nov 2 14:14:57 UTC 2010


On Tue, Nov 2, 2010 at 10:03 AM, Lennart Sorensen
<lsorense-1wCw9BSqJbv44Nm34jS7GywD8/FfD2ys at public.gmane.org> wrote:
> On Mon, Nov 01, 2010 at 06:43:17PM -0400, William Park wrote:
>> From top of my head, do what nVidia binary driver or Java install script
>> do.
>>     1. Append encrypted program at the end of shell script or embed in C
>>     program.
>>     2. At run time, write it to a file, get key from remote server,
>>     decrypt it, and run it.
>
> Which leaves a decrypted file on the disk, which pretty much defeats the
> purpose of encrypting it I suspect.  It really depends WHY the encryption
> is considered necesary.
>
> Certainly neither java nor nvidia do encryption, they just have a shell
> script with a shell archive appended or something similar.
>
> Getting the encrypted binary and a wrapper delivered is the trivial bit.
> Actually doing the decryption and running without leaving secret bits
> lying around is the hard bit.

The only way I know of to do this sort of thing that isn't just
pretending to have security is to embed the encryption into
tamper-resistant hardware.

<http://en.wikipedia.org/wiki/Secure_cryptoprocessor>

That Wikipedia article at least alludes to the point that it's trouble
some to "run without leaving secret bits lying around," as you say.

There are fitful doses of discussion on the Postgres hackers list
about the notion of encrypting stored functions, which is logically
equivalent to what Dave Cramer is looking for (though likely not a
direct substitute), and the reaction is always to the effect of "if we
automate it, then you're only getting something feigning to be
security."

If you *really do* have this sort of security, then it is at odds with
the simultaneous expectation that "it needs to be Highly Available."
You can't have both at once - the things needed to make the system
Truly Secure are a latent Denial of Service attack.
-- 
http://linuxfinances.info/info/linuxdistributions.html
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list