> making the RNG guessable is relatively easy. On the other hand
> determining whether a given snippet of code is doing RSA, etc. is
> equivalent to solving the halting problem, so it seems to me pretty
> damn hard to usefully put this sort of back door into a CPU without
> sacrificing general-purpose functionality.

while the general problem is certainly halting-problem level of
complexity, there's a much more simple problem which amounts to string
matching. the simple problem is "is this a specific portion of openssl /
cryptoapi / whatever?"

if you consider a technology like transmeta's which only has to
compile/translate code infrequently (rather than a traditional technology
with decoders running all the time) then it's pretty easy to see how you
could use a few cycles to do the string matching.

people have been doing this in compilers for years, where the string
matching question is "is this part of SPECCPU?"

-dean