On Wed, 10 Dec 2003, John S. Denker wrote: > Scenario: You are teaching chemistry in a non-anglophone > country. You are giving an exam to see how well the > students know the periodic table. > -- You want to allow students to use their TI-83 calculators > for *calculating* things. > -- You want to allow the language-localization package. > -- You want to disallow the app that stores the entire > periodic table, and all other apps not explicitly > approved.
First "Solution": Erease and load by hand ========================================= What would be wrong with 1. ereasing the memories of the students' calculators 2. loading the approved apps and data immediately before the exam? (I assume, the students can't load un-approved applications during the exam.) (This is what some our teachers actually did when I went to school. Since there where no approved apps and data, step 2 was trivial. ;-) > The hardware manufacturer (TI) offers a little program > that purports to address this problem > http://education.ti.com/us/product/apps/83p/testguard.html > but it appears to be entirely non-cryptologic and therefore > easily spoofed. Why? 2. "Solution": testguard and the like ===================================== 1. Load and 2. run a trusted application with full access to all resources (including storage for applications and data, and CPU time, thus blocking all the other stuff which might be running in parallel), nothing can prevent this application from deleting all non-approved appliations and data. I am not sure, what testguard actually does, but the above is, what it *should* do. The existence of a trusted kernel would only complicate things, not simplify them. (You had to make sure that your application is running in the highest privileges mode ...) I think, both of my proposed "solutions" would actually solve your problem. Else, please describe your thread model! Without understanding your problem, no cryptographer can provide any solution. And if (given a proper definition of the problem) it turns out that there is a non-cryptographic solution which works -- so what? -- Stefan Lucks Th. Informatik, Univ. Mannheim, 68131 Mannheim, Germany e-mail: [EMAIL PROTECTED] home: http://th.informatik.uni-mannheim.de/people/lucks/ ------ I love the smell of Cryptanalysis in the morning! ------ --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]