Re: Preventing exploitation with rebasing

[Crispin Cowan <crispin () wirex com>]

Alan DeKok wrote:

> Brian Hatch <bugtraq () ifokr org> wrote:
>  
>
> > People keep saying "but it won't stop everything", and that's true.
> >    
>  Exactly.  Even DES isn't "perfectly" secure, (i.e. unbreakable).  It
> *obfuscates* the data, but does not *secure* it.  The benefit of DES
> is that it has a provable level of obfuscation.
>
>  This takes the security versus obscurity argument from the realm of
> personal opinion to one of quantitative statements.  We should have a
> similar goal for this discussion.
With one other critical factor: Systems that can be *properly* 
criticized for being "security through obscurity" have the property that 
the "obscurity" factor is fixed at software release time, or earlier. 
Thus the attacker need only crack the key once, and then own thousands 
of copies.

Systematic diversity (as explored by me 
<http://wirex.com/%7Ecrispin/crackerpatch.pdf>, Forrest et al, proposed 
in Bugtraq yesterday by Huang, and here in this thread) is qualitatively 
different in that the "key" (the degree of rebasing offset) can be 
chosen at runtime. If it is chosen with sufficient entropy, then it is 
as effective as a similar amount of entropy in your favorite crypto 
system. More, because with crypto the attacker can grind on your 
ciphertext off line, but with systematic diversity, the attacker has to 
grind on your machine, which you tend to notice sooner or later :-)

Crispin

--
Crispin Cowan, Ph.D.
Chief Scientist, WireX                      http://wirex.com/~crispin/
Security Hardened Linux Distribution:       http://immunix.org
Available for purchase: http://wirex.com/Products/Immunix/purchase.html
                            Just say ".Nyet"

Attachment: _bin
Description: