Peter Gutmann wrote:
> John Gilmore <g...@toad.com> writes:
>
>> The theory that we should build "good and useful" tools capable of monopoly
>> and totalitarianism, but use social mechanisms to prevent them from being
>> used for that purpose, strikes me as naive.
>
> There's another problem with this theory and that's the practical
> implementation issue. I've read through... well, at least skimmed through the
> elephantine bulk of the TCG specs, and also read related papers and
> publications and talked to people who've worked with the technology, to see
> how I could use it as a crypto plugin for my software (which already supports
> some pretty diverse stuff, smart cards, HSMs, the VIA Padlock engine, ARM
> security cores, Fortezza cards (I even have my own USG-allocated Fortezza ID
> :-), and in general pretty much anything out there that does crypto in any
> way, shape, or form). However after detailed study of the TCG specs and
> discussions with users I found that the only thing you can really do with
> this, or at least the bits likely to be implemented and supported and not full
> of bugs and incompatibilities, is DRM.
>
You could note a certain overlap between the promoters of Digital Content
Protection and the Trusted Computing Group:

http://www.digital-cp.com/about_dcp

Nearly 400 leading companies license the technology, including the
following:

  Semiconductor:    PC Companies:    Consumer Electronics:
  AMD               HP               Panasonic
  Analog Devices    Microsoft        Samsung
  Intel             Lenovo           Sony
  Silicon Image                      Toshiba

Full List of Licensees: Click here (Fuji Xerox Co., Ltd.)

https://www.trustedcomputinggroup.org/about/members/

Current Members

  Promoter                   Contributor
  AMD                        ...
  Fujitsu Limited            Panasonic
  Hewlett-Packard            ...
  IBM                        Samsung Electronics Co.
  Infineon                   ...
  Intel Corporation          Sony Corporation
  Lenovo Holdings Limited    ...
  Microsoft                  Toshiba Corporation
  Seagate Technology
  Sun Microsystems, Inc.
  Wave Systems

The costs and economy of scale say at some point all the disk drives will
be capable of FDE, whether or not it is enabled (whether or not you pay for
the 'extra' feature). The distinction is the added cost of testing the
encryption versus the cost of two different testing regimes, when silicon
is typically pin bound defining area and cost. The same integration cost
advantages make the likes of HDMI close to zero cost to the television
media consumer.

Enterprise 'platform owners' have the capability of assuming control of the
attestation chain, while 'personal computing' might have few opportunities
other than to allow the likes of an operating system vendor to provide
control 'in loco parentis' for the naive consumer.

Loss of control of personal computing would come about by seduction - the
offer of benefits in exchange for more of the camel edging under the tent
skirt. More's the pity if it offers competitive advantage excluding open
source.

You'd think video content providers would be anxious for a way to provide
secure delivery of content via download. Being able to stick video onto a
disk protected by a plus thirteen Mage DMCA spell would be a definite
benefit. I'd also imagine we'll see vulnerabilities that will allow content
recovery.

Getting 'secure' computing requires a secure operating system. Building a
computer secure against end user tampering would incur high adoption costs
that wouldn't be supportable in the marketplace. To borrow and mutilate a
turn of phrase from Bruce, what we get is Kabuki security theater with the
commiserate tendency toward prostitution.

All that said and done, people may still well end up with better security -
data encrypted at rest. I'd think fighting DRM would be a separate battle
from opposing FDE. It may be worthwhile to show systemic vulnerabilities
that despite the encryption threaten 'content protection', because while
DRM's proponents like to provide a stylized threat model the real world
doesn't match up.

The enterprise is able to leverage further behavioral limits on users'
actions during platform operation and the Trusted Computing threat model
allows users within the cryptographic boundary (undoubtedly due to the cost
of exclusion). Additional behavioral limits aren't available for the DRM
usage model, and there is nothing stopping the malevolent end user from
monitoring unencrypted data from a drive for example.

Trusted Computing may never be suitable for DRM either. I'd expect an
enterprise would field a carefully selected configuration that they could
manage to make work for their purposes. DRM has to work for any
configuration. Portability for Trusted Computing may require
virtualization. The TCG threat model may still prevent DRM from being
anywhere near absolute in a virtualized environment.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com