Re: example: secure computing kernel needed

2003-12-14 Thread Paul A.S. Ward
I'm not sure why no one has considered the PC banking problem to be a
justification for secure computing.  Specifically, how does a user know
their computer has not been tampered with when they wish to use it for
banking access?
Paul

John S. Denker wrote:

Previous discussions of secure computing technology have
been in some cases sidetracked and obscured by extraneous
notions such as
 -- Microsoft is involved, therefore it must be evil.
 -- The purpose of secure computing is DRM, which is
intrinsically evil ... computers must be able to
copy anything anytime.
Now, in contrast, here is an application that begs for
a secure computing kernel, but has nothing to do with
microsoft and nothing to do with copyrights.
Scenario:  You are teaching chemistry in a non-anglophone
country.  You are giving an exam to see how well the
students know the periodic table.
 -- You want to allow students to use their TI-83 calculators
for *calculating* things.
 -- You want to allow the language-localization package.
 -- You want to disallow the app that stores the entire
periodic table, and all other apps not explicitly
approved.
The hardware manufacturer (TI) offers a little program
that purports to address this problem
  http://education.ti.com/us/product/apps/83p/testguard.html
but it appears to be entirely non-cryptologic and therefore
easily spoofed.
I leave it as an exercise for the reader to design a
calculator with a secure kernel that is capable of
certifying something to the effect that no apps and
no data tables (except for ones with the following
hashes) have been accessible during the last N hours.
Note that I am *not* proposing reducing the functionality
of the calculator in any way.  Rather I am proposing a
purely additional capability, namely the just-mentioned
certification capability.
I hope this example will advance the discussion of secure
computing.  Like almost any powerful technology, we need
to discuss
 -- the technology *and*
 -- the uses to which it will be put
... but we should not confuse the two.
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to 
[EMAIL PROTECTED]


--

Paul A.S. Ward, Assistant Professor   Email: [EMAIL PROTECTED]
University of Waterloo                       [EMAIL PROTECTED]
Department of Computer Engineering    Tel: +1 (519) 888-4567 ext.3127
Waterloo, Ontario                     Fax: +1 (519) 746-3077
Canada N2L 3G1                        URL: http://www.ccng.uwaterloo.ca/~pasward


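The certification Denker's exercise asks for, sketched as an added example that is not from either post: a toy Python kernel that measures every app or data table it makes accessible into a log it alone controls, then issues an authenticated statement that the teacher checks against the allow-list of hashes and the exam window. The device key, the use of an HMAC where a real kernel would produce an asymmetric signature, and all sample blobs are assumptions.

```python
import hashlib
import hmac
import json

# Hypothetical device key; a real secure kernel would hold a non-exportable
# signing key and emit an asymmetric signature instead of an HMAC.
DEVICE_KEY = b"constructed-example-device-key"


def measure(blob: bytes) -> str:
    """Hash of an app or data table, as the kernel would record it."""
    return hashlib.sha256(blob).hexdigest()


class ExamKernel:
    """Toy secure kernel: every app/table it makes accessible is measured
    into an append-only log that ordinary apps cannot edit."""

    def __init__(self, key: bytes):
        self._key = key
        self._log = []          # (name, hash, time) per object made accessible
        self._start = None

    def begin_exam(self, now: int) -> None:
        self._start = now
        self._log = []

    def make_accessible(self, name: str, blob: bytes, now: int) -> None:
        self._log.append((name, measure(blob), now))

    def certify(self, now: int) -> dict:
        """Authenticated statement: only these hashes were accessible since start."""
        body = {
            "window_start": self._start,
            "window_end": now,
            "accessed": sorted({h for _, h, _ in self._log}),
        }
        msg = json.dumps(body, sort_keys=True).encode()
        return {"body": body, "mac": hmac.new(self._key, msg, "sha256").hexdigest()}


def verify(cert: dict, key: bytes, allowed: set, min_seconds: int) -> tuple:
    """Teacher-side check: genuine cert, covers the exam, nothing beyond the allow-list."""
    msg = json.dumps(cert["body"], sort_keys=True).encode()
    if not hmac.compare_digest(hmac.new(key, msg, "sha256").hexdigest(), cert["mac"]):
        return False, "certificate not produced by the kernel"
    body = cert["body"]
    if body["window_end"] - body["window_start"] < min_seconds:
        return False, "certificate does not cover the whole exam window"
    extra = set(body["accessed"]) - allowed
    if extra:
        return False, "unapproved object accessible: " + ", ".join(sorted(extra))
    return True, "ok"
```

The verifier rejects a tampered certificate, one that covers too short a window, and one in which anything outside the allow-list was accessible; it never needs to see the objects themselves, only their hashes.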


Re: DRM of the mirror universe

2004-04-14 Thread Paul A.S. Ward


Jani Nurminen wrote:

[...]
But what content could the consumer-become-content-provider, the
ordinary person, you or me (let's call this actor the user), produce?
What could be interesting and rare for the corporation but found in
abundance from the user? One answer is personal data. 

Upon request by some corporation, the user decides to accept the
request. The user creates a DRM-protected file containing the personal
data the user wishes to reveal. When proper DRM technology is being used
(the same technology used to protect e.g. movies), the user can be sure
that the corporation is not able to 
 * use the personal data after the license period (e.g. 2 hours) has
expired
 * share the personal data with third party companies without
permission
 * do other non-authorized nasty stuff with the personal data 

Using the evil DRM technology a very good (good and evil is
subjective!) purpose can be achieved: the preservation of the user's
privacy. 
 

Welcome to ACME.com.  In order to do business with ACME.com we require
that your personal data be provided without restriction.  If you don't
like that, no problem.  Feel free to do business with others.

(Don't believe that?  Gee, how many websites require javascript, java,
activeX?)

Paul
