Bear writes:
In this case you'd need to set up the wires-and-gates model
in the QC for two ciphertext blocks, each attached to an
identical plaintext-recognizer function and attached to the
same key register. Then you set up the entangled state,
and collapse the eigenvector on the
Dr. Mike wrote, patiently, persistently and truthfully:
On Fri, 16 Aug 2002, AARG! Anonymous wrote:
Here are some more thoughts on how cryptography could be used to
enhance user privacy in a system like TCPA. Even if the TCPA group
is not receptive to these proposals, it would be useful
Here are some more thoughts on how cryptography could be used to
enhance user privacy in a system like TCPA. Even if the TCPA group
is not receptive to these proposals, it would be useful to have an
understanding of the security issues. And the same issues arise in
many other kinds of systems
Joe Ashwood writes:
Actually that does nothing to stop it. Because of the construction of TCPA,
the private keys are registered _after_ the owner receives the computer,
this is the window of opportunity against that as well.
Actually, this is not true for the endoresement key, PUBEK/PRIVEK,
Adam Back writes:
+---++
| trusted-agent | user mode |
|space | app space |
|(code ++
| compartment) | supervisor |
| | mode / OS |
+---++
| ring -1 / TOR |
David Wagner wrote:
To respond to your remark about bias: No, bringing up Document Revocation
Lists has nothing to do with bias. It is only right to seek to understand
the risks in advance. I don't understand why you seem to insinuate
that bringing up the topic of Document Revocation Lists
AARG! wrote:
I asked Eric Murray, who knows something about TCPA, what he thought
of some of the more ridiculous claims in Ross Anderson's FAQ (like the
SNRL), and he didn't respond. I believe it is because he is unwilling
to publicly take a position in opposition to such a famous and
Seth Schoen of the EFF has a good blog entry about Palladium and TCPA
at http://vitanuova.loyalty.org/2002-08-09.html. He attended Lucky's
presentation at DEF CON and also sat on the TCPA/Palladium panel at
the USENIX Security Symposium.
Seth has a very balanced perspective on these issues
Anon wrote:
You could even have each participant compile the program himself,
but still each app can recognize the others on the network and
cooperate with them.
Matt Crawford replied:
Unless the application author can predict the exact output of the
compilers, he can't issue a signature on
Adam Back writes a very thorough analysis of possible consequences of the
amazing power of the TCPA/Palladium model. He is clearly beginning to
get it as far as what this is capable of. There is far more to this
technology than simple DRM applications. In fact Adam has a great idea
for how
I want to follow up on Adam's message because, to be honest, I missed
his point before. I thought he was bringing up the old claim that these
systems would give the TCPA root on your computer.
Instead, Adam is making a new point, which is a good one, but to
understand it you need a true picture
Re the debate over whether compilers reliably produce identical object
(executable) files:
The measurement and hashing in TCPA/Palladium will probably not be done
on the file itself, but on the executable content that is loaded into
memory. For Palladium it is just the part of the program
Here are some alternative applications for TCPA/Palladium technology which
could actually promote privacy and freedom. A few caveats, though: they
do depend on a somewhat idealized view of the architecture. It may be
that real hardware/software implementations are not sufficiently secure
for
Peter Trei writes:
It's rare enough that when a new anononym appears, we know
that the poster made a considered decision to be anonymous.
The current poster seems to have parachuted in from nowhere,
to argue a specific position on a single topic. It's therefore
reasonable to infer that
Peter Trei envisions data recovery in a TCPA world:
HoM: I want to recover my data.
Me: OK: We'll pull the HD, and get the data off it.
HoM: Good - mount it as a secondary HD in my new system.
Me: That isn't going to work now we have TCPA and Palladium.
HoM: Well, what do you have to
Eric Murray writes:
TCPA (when it isn't turned off) WILL restrict the software that you
can run. Software that has an invalid or missing signature won't be
able to access sensitive data[1]. Meaning that unapproved software
won't work.
[1] TCPAmain_20v1_1a.pdf, section 2.2
We need to
16 matches
Mail list logo