On Nov 11, 2009, at 10:36 AM, Matt Crawford wrote:
> On Nov 10, 2009, at 8:44 AM, Jerry Leichter wrote:
>> Whether or not it can, it demonstrates the hazards of freezing
>> implementations of crypto protocols into ROM: Imagine a world in
>> which there are a couple of hundred million ZTIC's or similar
>> devices fielded - and a significant vulnerability is found in the
>> protocol they speak.
>
> Imagine a couple of hundred million devices with updatable firmware
> on them, and one or more rogue updates in the wild.

That's the flip side of the vulnerability - and it's exactly why I did
*not* suggest that the "fix" for vulnerable algorithms frozen into
silicon was to make them updatable.

Of course, there *are* situations in which that makes sense. If one
organization distributes the dongles, they could accept only updates
signed by that organization. We have pretty good methods for keeping
private keys secret at the enterprise level, so the risks should be
manageable.
-- Jerry
---------------------------------------------------------------------
The Cryptography Mailing List