> ...The goal is to defeat the Thompson attack -- Thompson trojans [the classic
> attack described in Ken Thompson's "On Trusting Trust" where the compiler 
> inserts code into login and into itself]....
Just to give credit where credit is due:  Ken Thompson didn't invent this 
attack, and cites the originators - Paul Karger and Roger Schell, way back in 
1974, 10 years before Thompson.  (Thompson may have produced the first working 
example.)  Karger and Schell's work was done for the Air Force as part of an 
analysis of the security of Multics.  I never met Roger Schell, but I knew Paul 
at DEC back in the mid 70's.  Not realizing his connection with the underlying 
ideas, I showed him Thompson's paper.  Paul explained how to counter it by 
examining the compiler output (not practical except in specialized 
circumstances) but never brought up his own role.

Sadly, he died too young in 2010.  He deserves to be credited.

The full details can be found on David A. Wheeler's page at 
http://www.dwheeler.com/trusting-trust/.  (Wheeler's 2005 dissertation provides 
a complete solution to the problem; he cites Henry Spencer for suggesting the 
idea underlying his formal treatment back in 1998.)

                                                        -- Jerry

The cryptography mailing list
