Path: utzoo!utgpu!utstat!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!rutgers!apple!voder!pyramid!prls!philabs!linus!spdcc!ima!compilers-sender From: rnovak@mips.com (Robert E. Novak) Newsgroups: comp.compilers Subject: Re: Questions, concerns about ANDF Keywords: public key encryption Message-ID: <3894@ima.ima.isc.com> Date: 11 May 89 20:18:13 GMT References: <3850@ima.ima.isc.com> <3875@ima.ima.isc.com> Sender: compilers-sender@ima.ima.isc.com Reply-To: rnovak@mips.com (Robert E. Novak) Organization: MIPS Computer Systems, Sunnyvale, CA Lines: 27 Approved: compilers@ima.UUCP Why don't we just ship encrypted source code as the ANDF? The main purpose of an ANDF is to allow vendors to ship some machine independent form of their program that can be installed on a machine. Thus we can have true shrink wrap software. The vendors have proprietary algorthms locked up in their source code, hence the desire to not ship the source. Yet, almost any ANDF would be in such a form that uncompiling an ANDF back to source code would be fairly simple. Sooo... let's ship the source using public key encryption where the compilers are built by 'trusted' manufacturers that will decrypt and compile the source code and install it, without ever revealing the source code. Decryption or intercepting the compiler halfway through is guaranteed to be more difficult than uncompiling an ANDF. -- Robert E. Novak MIPS Computer Systems, Inc. {ames,decwrl,pyramid}!mips!rnovak 928 E. Arques Ave. Sunnyvale, CA 94086 rnovak@admin.mips.COM (rnovak%mips.COM@ames.arc.nasa.gov) +1 408 991-0402 [Seems to me that it's unlikely that you could create such a scheme that wasn't fairly easy to reverse engineer. Public key encryption assumes that the decryption key is not public, but in this case you'd be shipping it in every copy of the compiler. -John] -- Send compilers articles to compilers@ima.isc.com or, perhaps, Levine@YALE.EDU Plausible paths are { decvax | harvard | yale | bbn}!ima Please send responses to the originator of the message -- I cannot forward mail accidentally sent back to compilers. Meta-mail to ima!compilers-request