Re: stackguard-like embedded protection

[antirez <antirez () linuxcare com>]

On Wed, Sep 13, 2000 at 10:21:29PM +0200, Bluefish (P.Magnusson) wrote:
> linux i386. I'm wondering why the usage of "int". Perhaps it's good enough
> for academic papers... But... Better to make things right from the start.

Yes, int is not a good word talking about "portable" stack protection...
If int is 32bit, than it may be a compromise between performance
and security. 2^32 is a quite large number: it probably saves you
if the brute force is for a remote bug. To spoof a  32bit number
requires a big time in the middle case.
For example if you can try to exploit the program (assuming it back
on-line after the first test) testing 10 numbers for second it takes
6 years in the middle case, that is a lot of time in an active attack
(we are not talking about cryptography, in which I take the ciphertext
 and try in my cluster for a long time)
Anyway I agree that 64bit is a number that kills the brute force ghost.
A tester larger than 64bit is paranoia (i.e. how to throw away your CPU).

antirez

--
Salvatore Sanfilippo, Open Source Developer, Linuxcare Italia spa
+39.049.80 43 411 tel, +39.049.80 43 412 fax
antirez () linuxcare com, http://www.linuxcare.com/
Linuxcare. Support for the revolution.