Re: Signing and encrypting software
- From: Noob <root@xxxxxxxxx>
- Date: Thu, 22 Sep 2011 13:58:44 +0200
Jeffrey Goldberg wrote:
Consider a device which is supposed to run "trusted binaries",
id est "binaries which have been encrypted with AES-CBC, and
signed with RSASSA-PSS, as defined in PKCS#1 v2.1".
(The AES key is stored inside the device's chipset; the
public key is stored in read-only non-volatile memory.)
What is the purpose of verifying the signature. If it is to ensure that
only signed software runs, and so is checked every time the binary is
loaded, then the unencrypted binary should be what is signed.
The "trusted code" is stored encrypted in non-volatile memory.
Every time the device boots, it verifies that the signature is
correct (i.e. that the code has not been modified, right?) and
then it copies the decrypted binary to RAM.
If, however, it is really to verify a download or to check that only
signed binaries are installed, I suppose you could go either way. But my
(untrained) intuition (though I can't figure out why) is still to sign
My untrained intuition was that order wouldn't matter, which
is why I came here to ask ^_^
- Prev by Date: The Most Profound Distillation of the Feedack from Modern Cyptography.
- Next by Date: Re: The Most Profound Distillation of the Feedack from Modern Cyptography.
- Previous by thread: Re: Signing and encrypting software
- Next by thread: Re: Signing and encrypting software