From mboxrd@z Thu Jan 1 00:00:00 1970
Message-ID: <4489A7AB.9060509@anvil.com>
Date: Fri, 9 Jun 2006 17:54:03 +0100
From: Dave Lukes
User-Agent: Thunderbird 1.5.0.4 (X11/20060516)
MIME-Version: 1.0
To: Fans of the OS Plan 9 from Bell Labs <9fans@cse.psu.edu>
Subject: Re: [9fans] Diskless cpu servers
References: <81da0437d508c70bf6d787541b5f3f02@plan9.bell-labs.com>
In-Reply-To: <81da0437d508c70bf6d787541b5f3f02@plan9.bell-labs.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: quoted-printable
Topicbox-Message-UUID: 648c5cf6-ead1-11e9-9d60-3106f5b1d025

jmk@plan9.bell-labs.com wrote:
> Is there a security/crypto expert out there who knows if there's a
> way for a server to hand out a chunk of executable code then, when
> the code runs and calls back, it can verify the code is running
> unchanged (i.e. no local storage on the client system at all)? I'm
> very naïve about security and my gut tells me no.

In general, no.

If you have specific constraints, you may be able to, but in the general case, your problem is the converse of another problem I've just been looking at: can you do serious crypto on a machine without _some_ form of permanent storage?

Ferguson and Schneier's "Practical Cryptography" says "no", with reasoning, and I tend to believe them.

D.