An EMBASSY is a complete cryptographic and usage measurement system integrated into hardware on the client PC. It is designed to provide metered access to executables and information by authorized users, and host specially programmed services in a secure, tamper-proof environment. The system is based on symmetric crypto implemented in a proprietary ASIC. The way it works is that Wave Systems preloads a 3DES key and unique ID into each chip when it's made. The chip then periodically contacts Wave's central server to submit updates about what your system is doing. It's possible to load Wave-approved code (protected with a 3DES MAC) into the thing, for example by downloading it over the net and loading it into the device on the fly. It doesn't look like there's any inter-app protection for code running in the device. The online communications side (WaveNet) is split into two facilities, the Transaction Gateway (which handles general comms with the device) and the Information Clearing House (which tracks usage and handles metering and billing). Worldwide use of cryptography requires balance between government regulations and business needs. [...] The VerSecure architecture involves enabling the cryptographic attributes allowed by the country of import (physical machine location.) Because the device is registered with the country of import, these attributes can manage the ever-changing government regulations, meet the needs of enterprises, developers and government bodies They claim HP is a partner in this, so it at least this part of it looks like the dying gasp of HP's ICF experiment of a few years ago. They're selling the design as a standard macro cell for integration into existing chips, one place where you'd put it is in the general-purpose I/O chips which handle keyboard/serial port/parallel port I/O (they're claiming SMSC and ITE have signed up to put it in their chipsets so you'd see them appearing in things like http://www.smsc.com/main/catalog/ultra.html, although I couldn't find any indication on their websites that they're supporting the Wave stuff). These guys are selling a dongle/Clipper chip/PentiumIII-processor-ID/potential keyboard sniffer/serial line sniffer all rolled into one, and they're expecting people to pay money to have them fitted to their PC's. All that's left for them to do is to figure out how to make them carcinogenic. More information at http://www.wavesys.com/embassy.html. Peter.
