[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ieee] Re: Re: Quick Re: to Dick Johnson's Re: COTS scope

To: "Stanley A. Klein" <sklein@cpcug.org>, susan eustis <susan@wintergreenresearch.com>
Subject: Re: [ieee] Re: Re: Quick Re: to Dick Johnson's Re: COTS scope
From: Andrew Berg <andrewb@votehere.com>
Date: Fri, 10 Dec 2004 07:39:40 -0800
Cc: Dick Johnson <dick.johnson@Oracle.com>, "\"Vincent J. Lipsio\"" <vince@lipsio.com>, dill@CS.Stanford.edu, stds-1583-disc@ieee.org, cots@lipsio.com
In-reply-to: <1102650554.1273.17.camel@p500>
References: <200412031801.iB3I1mek003324@lipsio.com> <opsigiq3vjqh31du@congress> <000a01c4d998$d9e35ff0$020a0a0a@sleepydwarf> <41B45FF7.7010409@oracle.com> <01d101c4de60$39511ba0$020a0a0a@sleepydwarf> <1102650554.1273.17.camel@p500>
User-agent: Opera M2/7.54 (Win32, build 3869)

I think that's a little harsh. A hash built into the machine can be of some value, assuming you can account for all of the storage in the machine.

Imagine a hash protocol where instead of always just asking for the hash of the entire memory image (which would be easy to forge) we instead asked the system for a hash of memory 0x0003221a through 0x0bfffcda (or whatever) and it were required to get that right. If we knew how much memory the machine had, by randomly choosing these ranges and comparing them with some reference image we could know that it had the correct image.

Unfortunately, this requires us to assume that the machine has only as much memory as we think it does, so it's not really perfect. If there is extra, uncounted memory, that extra memory could contain something malicious. But given a simple enough hardware platform, maybe it is good enough.

(I'm not really an advocate for hashing myself--I worry about what happens if the reference image contains incorrect contents. Then all we've really accomplished is to make sure that exactly the same bad software is running everywhere.)

-andrew

On 09 Dec 2004 22:51:46 -0500, Stanley A. Klein <sklein@cpcug.org> wrote:

At some point I discussed this with Doug Jones.

If the hash test is built into the voting machine, it can be
compromised.  Just give the right answer even if the test calculates the
wrong answer.

If it isn't built in, it can be used to install malicious code, just
like the system built by the Las Vegas slot machine inspector.  He
didn't get caught for doing that.  He only got caught for an escapade in
Atlantic City involving Keno and an accomplice who qualifies as one of
the world's stupidest crooks.  The guy "won" the largest Keno jackpot
ever in New Jersey, demanded the $100K winnings in cash and refused to
give his name.  The New Jersey police smelled a rat and wound up
catching the machine inspector who was the brains behind the fraud.
Nevada then investigated him and came up with the other fraud.

Either way, the hashing approach can be compromised, especially by
insiders.

Stan Klein


--
andrewb@votehere.com

Follow-Ups:
- Re: [ieee] Re: Re: Quick Re: to Dick Johnson's Re: COTS scope
  - From: "susan eustis" <susan@wintergreenresearch.com>

References:
- Re: Re: Quick Re: to Dick Johnson's Re: COTS scope
  - From: "Vincent J. Lipsio" <Vince@lipsio.com>
- Re: [ieee] Re: Re: Quick Re: to Dick Johnson's Re: COTS scope
  - From: Andrew Berg <andrewb@votehere.com>
- Re: [ieee] Re: Re: Quick Re: to Dick Johnson's Re: COTS scope
  - From: "susan eustis" <susan@wintergreenresearch.com>
- Re: [ieee] Re: Re: Quick Re: to Dick Johnson's Re: COTS scope
  - From: Dick Johnson <dick.johnson@oracle.com>
- Re: [ieee] Re: Re: Quick Re: to Dick Johnson's Re: COTS scope
  - From: "susan eustis" <susan@wintergreenresearch.com>
- Re: [ieee] Re: Re: Quick Re: to Dick Johnson's Re: COTS scope
  - From: "Stanley A. Klein" <sklein@cpcug.org>

Prev by Date: Re: [ieee] Re: Re: Quick Re: to Dick Johnson's Re: COTS scope
Next by Date: Re: [ieee] Re: Re: Quick Re: to Dick Johnson's Re: COTS scope
Previous by thread: Re: [ieee] Re: Re: Quick Re: to Dick Johnson's Re: COTS scope
Next by thread: Re: [ieee] Re: Re: Quick Re: to Dick Johnson's Re: COTS scope
Index(es):
- Date
- Thread