I thought this paper would be about writing software on top of an untrusted hardware architecture (an increasingly important national security concern, considering that so many chips are produced in foreign countries, and could have hidden flaws purposefully inserted).
Instead, the paper just provides a description of typical attacks against cryptography (man in the middle, side channel attacks). Maybe I missed something as I skimmed through this, but these subjects are much better covered in beginners textbooks.
Is there actual research into programming on untrusted hardware? I mean, I gotta think that if you think any part of your computer might be compromised you can't trust it at all.
Because a communications link is generally only a passive part of the system, it relays the signal and that is all...
Computing on untrusted hardware is like trying to convert a plaintext secret message to ciphertext while an enemy agent with perfect memory is watching over your shoulder, not exactly easy.
Because encryption hides the data content, whereas you need it in the clear to computationally manipulate it in a useful way, at least with conventional computational frameworks. How is a program going to make a decision at a control flow point if the data it needs to make the decision is encrypted? And if the data's not encrypted, and you're running on untrusted hardware, then it's compromised.
Plus this result is not that surprising in my opinion. "We cannot think of all possible algorithms to attack a system, and thus, systems might be insecure and we do not know how."
Well, duh. Complexity theorists say "We might be able to solve NP-problems in P, but no one knows how. We might be able to factorize primes faster, but we don't know how."
I thought this paper would be about writing software on top of an untrusted hardware architecture (an increasingly important national security concern, considering that so many chips are produced in foreign countries, and could have hidden flaws purposefully inserted).
Instead, the paper just provides a description of typical attacks against cryptography (man in the middle, side channel attacks). Maybe I missed something as I skimmed through this, but these subjects are much better covered in beginners textbooks.