Anonymous payment for hardware tokens
NIIBE Yutaka
gniibe at fsij.org
Wed Feb 4 13:56:57 CET 2015
On 02/04/2015 08:59 PM, Brian Minton wrote:
> Showing a hash wouldn't prevent a malicious entity from making a
> fake token that prints whatever hash the user expects. There's no
> way to verify that the hash is if code actually on the device, or
> that the hashed code is the only code on the device.
Thank you for your insight. Yes, if "show"-ing is by its program, it
could be also fake.
I meant, something in a JTAG/SWD protocol layer (not by user
program), built-in _hardware_ feature by semiconductor manufacturer to
show hash of flash blocks.
Scenario is like:
(1) Firmware is written to flash ROM on MCU, by a firmware author.
Possibly it's protected to be read.
(2) It is possible for an end-user to send command to MCU by
JTAG/SWD channel (even if flash ROM is protected). Like:
show_hash <BLOCK_NUM_START> <BLOCK_NUM_END>
(3) An end user can confirm that the hash is the correct one as the
firmware author says.
Does it make sense?
Sorry, I should have written down clearly, in the previous mail.
--
More information about the Gnupg-users
mailing list