6.033 - Computer System Engineering | Handout 19 - March 31, 2003 |
Today's lecture will be on Authentication. Please read Chapter 6 sections C and F of the course notes.
Please read Ken Thompson's "Reflections on Trusting Trust" which is available in your reading packet (Reading #14) and also online. Do not be deceived by the shortness of this paper -- it is very deep and requires a lot of thinking and understanding, but it is also fun, once you get the hang of it. Keep this in mind as your prepare a one-pager based on the following question:
Two programmers, Alice and Bob, want to buy the latest version of the Microsoft C compiler. Alice downloads the compiler from the web site "microsoft.com". Bob buys a CD that claims to contain the same compiler from the local computer store.
(i) Who and what must Alice trust to believe that she received a compiler without Trojan horses?
(ii) How about bob?
In preparation for this lecture on Authorization and Confidentiality, read sections D and E of Chapter 6 of the course notes.
For recitation, read Ross Anderson's "Why cryptosystems fail" (Reading #15). It is pretty easy reading, but read it with care; the author provides many interesting examples and insights. Please also do Hands-on #6 which is on Web certificates.
Design Project 2 begins today by choosing partners; please form groups of 3 people who all have the same recitation instructor. Email the list of your group members to your recitation instructor by Thursday April 17th (please send one email per group and cc your group members). Details about the project will be handed out April 17, and it will be due on May 8th.
The price of reliability is the pursuit of the utmost simplicity.
-- Charles Anthony Richard Hoare, "The emperor's old clothes" (1980)
Go to 6.033 Home Page | Questions or Comments: 6.033-tas@mit.edu