Several postings have sounded discouraged about maybe
having to overcome encryption. Don't despair: it's very
common for encryption schemes to be miserably flawed.
How many decades -- and how many failed encryption
schemes -- did it take before pay-TV companies got a
handle on the piracy problem? Likewise cell phones. And
do you remember CSS?
Xbox designers confront the hardest challenge in
cryptography: their device is in the hands of their
adversary, who can dissect it, stimulate it with arbitrary
signals, monitor buss traffic, and apply such tools as
glitch attacks, power analysis, differential power analysis,
and other side-channel attacks. If the designer chooses a
standard algorithm, such as the block cipher AES, the
attacker is on familiar ground; but if the designer invents
his own block cipher, he will almost always invent a weak
one (e.g., GSM cell phones).
If a cryptosystem is based on a secret key (e.g., AES), the
attacker can often extract the key by power analysis. A
well-implemented public-key-based system (e.g., digitally
signing all executables) might be harder, but a bad design
or an inadequate key length could put such a system within
I've been hoping to see ciphertext (or pointers to ciphertext)
posted to this group.
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
free60-devel mailing list