pem-dev

Re: PEM and PCAs

1994-02-14 20:51:00
   Date: Mon, 14 Feb 94 20:50:28 EST
   From: Raymond Lau <raylau(_at_)MIT(_dot_)EDU>

   > Thus the software environment itself can be made relatively
   unspoofable.

   If this is the case, then the same environment can protect the database.
   Why can't the OS maintain hashes of the database as well?

Because the software is essentially read-only --- or can be made that
way.  I can burn it into a PROM, or put it into a Flash EPROM and then
make sure that the programming voltages aren't available, run it from a
CD-ROM, etc.

The database intrinsically needs to be read-write; and if I can modify
it to add a new certificate, some evil NSA agent can also twiddle the
"certificate OK bit".

Furthermore, even without protecting the software in some sort of
read-only medium, I can always double check the software by comparing it
against a trusted copy stored in secure storage.   In contrast, if the
database is not self-verifying and I suspect that it may have been
tampered with, the only way I can double check it is to dump out the
entire database, and manually inspect each public key and its
"verification bit" to see if it's set correctly.  This is NOT a trivial
task.

                                                - Ted
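
The contrast drawn in this message between a stored "certificate OK bit" and a self-verifying database, as an added example that is not part of the original post. The entry layout, names and sample data are constructed, and an HMAC stands in for the issuer's public-key signature so that it runs with the Python standard library alone.

```python
import hashlib
import hmac

# Constructed issuer key. HMAC stands in for the issuer's public-key signature
# (an assumption made so the example needs only the standard library); the key
# or root certificate would live with the read-only software, not in the database.
ISSUER_KEY = b"constructed-demo-key"


def issuer_tag(subject: str, public_key: str) -> str:
    """Tag binding a subject name to a public key, computed by the issuer."""
    msg = f"{subject}\n{public_key}".encode()
    return hmac.new(ISSUER_KEY, msg, hashlib.sha256).hexdigest()


def flag_db_trusts(db: dict, subject: str) -> bool:
    """Design 1: believe the stored 'ok' bit."""
    entry = db.get(subject)
    return bool(entry and entry["ok"])


def self_verifying_trusts(db: dict, subject: str) -> bool:
    """Design 2: keep no trust state; recheck the issuer tag on every read."""
    entry = db.get(subject)
    if entry is None:
        return False
    expected = issuer_tag(subject, entry["public_key"])
    return hmac.compare_digest(expected, entry["tag"])


def audit(db: dict) -> list:
    """Mechanical whole-database recheck: subjects whose entries fail."""
    return sorted(s for s in db if not self_verifying_trusts(db, s))


def demo() -> dict:
    # Constructed entries for both read-write stores.
    flag_db = {"alice": {"public_key": "PK-ALICE", "ok": True}}
    sv_db = {"alice": {"public_key": "PK-ALICE", "tag": issuer_tag("alice", "PK-ALICE")}}
    # The same unauthorised writes land in each store: a swapped key and a new entry.
    flag_db["alice"]["public_key"] = "PK-SWAPPED"
    flag_db["mallory"] = {"public_key": "PK-MALLORY", "ok": True}
    sv_db["alice"]["public_key"] = "PK-SWAPPED"
    sv_db["mallory"] = {"public_key": "PK-MALLORY", "tag": "0" * 64}
    return {
        "flag_db": [flag_db_trusts(flag_db, s) for s in ("alice", "mallory")],
        "self_verifying": [self_verifying_trusts(sv_db, s) for s in ("alice", "mallory")],
        "audit": audit(sv_db),
    }
```

The flag database accepts both tampered entries, while the self-verifying one rejects them and `audit` names them without anyone inspecting keys by hand.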

