Palladium: Safe or Security Flaw?

R. A. Hettinga rah at shipwright.com
Fri Jul 12 13:30:05 EDT 2002 

http://www.wired.com/news/print/0,1294,53805,00.html


0

Palladium: Safe or Security Flaw?
By Paul Boutin

2:00 a.m. July 12, 2002 PST

What's Palladium? Depending on who you ask, it's either a catalyst to turn
silicon into gold for the PC industry, or it's the stuff the black
helicopters are made of.

Microsoft's recently announced R&D project, which includes chipmakers Intel
and AMD as partners, aims to combine software and hardware extensions to
traditional PC architecture. Palladium's goal: Move security-conscious
applications out of the server room and back onto the Windows desktop, by
soothing both consumer fears about privacy and corporate concerns over
piracy.

Earlier this week, Palladium architects from Microsoft and AMD provided
Wired News with separate under-the-hood tours of the software and hardware
technology plans behind Palladium's high concept pitch.

The good/bad news: As described, Palladium won't meet most of the
hyperbolic claims being made for it.

At its simplest, Palladium provides a tamper-proof vault for data on the
desktop. "One of the areas the PC needs to grow in is its resistance to
certain kinds of attacks," said Geoffrey Strongin, platform security
architect for AMD.

Those attacks include Web-based cracking and viruses, ripping CDs,
modification of application programs, and sniffs of users' passwords and
other personal data, according to Strongin. "The constraint on the problem
is the existing PC marketplace," Strongin added. "We don't want to throw
out trillions of dollars in infrastructure."

As a result, he said, Palladium was designed as an extension to current PC
hardware and software, one that would allow existing software and hardware
to work as usual, while enabling new applications and hardware that work
with encrypted data inside the PC.

In theory, the Palladium system would be safe from any attacks short of
physically opening the box and tapping into the hardware.

To support Palladium, AMD and Intel are reportedly developing new versions
of the x86 chip, the platform used for Intel's Pentium and AMD's Athlon.
According to Strongin, these chips support a new "Trusted" execution mode
that allows cryptographically authenticated programs access to a separate
memory area.

The CPU is augmented by a security coprocessor, which holds a unique pair
of crypto keys. The coprocessor is a separate component not for security
but for manufacturing reasons. Unlike today's CPU chips, each coprocessor
must be personalized with a crypto string stored in non-volatile memory ---
more akin to a smartcard than an Athlon.

Strongin suggested smartcard makers may manufacture the coprocessors, which
would then be combined with Intel or AMD CPU chips to create a
Palladium-ready motherboard.

A corresponding software component, called the Trusted operating root (or
just "the nub" by Microsoft engineers), would work in conjunction with the
CPU and its coprocessor.

Together, the nub and coprocessor are designed to encrypt data in such a
way that no other combination of nub and coprocessor would be able to
decrypt it. Change a single bit of code or move the data to another
computer, and it is unreadable. This is the core of Palladium, according to
Strongin and Peter Biddle, a Microsoft product unit manager leading
Palladium's development.

"It's like having Kerberos (cryptographic authentication) between
applications, instead of between computers on the network," Biddle said.
Applications on the PC would be unable to read from or write to one
another's Palladium-protected data. "To the rest of the system, that part
of memory is invisible -- it does not exist," Biddle said.

Microsoft plans to publish the source code for the nub, he added, because
the system is secure using crypto algorithms rather than proprietary code.

>From this relatively simple device, Microsoft is promising a slew of
Palladium-derived benefits for corporations and consumers alike: virus
protection, control over personal information, even spam blocking. Trusted
agent software running atop the nub and secure processor would, in theory,
control all use of data according to policies set by users, application
makers or content providers.

Try to print a screenshot of a digital movie without digitized permission,
and your printout would show an error message in the window where the image
should be. Forward an e-mail meant for your eyes only, and recipients would
be unable to decrypt it. Forget to pay your music subscription, and your
Palladium-enhanced player will refuse to decrypt the tunes on your hard
drive.

Spam blocking? Well, "eventually" is how Microsoft describes it.

But while neither Microsoft nor AMD would offer a date when Palladium would
move from engineers' whiteboards to store shelves (Microsoft reps gave
Newsweek a 2004 ship date), privacy advocates and security experts have
already launched an all-out attack on the plan.

Leading the charge is University of Cambridge researcher Ross Anderson, who
claims to have done closely related security consulting for Intel and
others. Anderson's Palladium FAQ describes an escalating set of abuse
scenarios for the technology, culminating with the president of the United
States disabling another country's PCs.

Anderson has gone so far as to dub Palladium's security coprocessor the
"Fritz chip," after Sen. Ernest "Fritz" Hollings (D-South Carolina),
sponsor of a bill in Congress that would require copyright control
mechanisms on all consumer electronics made or sold in the United States.

Hollings' office denied any direct involvement with Palladium's
development, as did spokespeople for the Recording Industry Association of
America.

At this rate, Palladium's proponents may spend more time dealing with
rumors than developing the technology. Strongin and Biddle are already
downplaying the digital rights management angle to their work. "Palladium
is not DRM; DRM is not Palladium," Biddle said. "DRM happens on top of
Palladium."

Biddle also denied widespread speculation that Palladium will involve
changes to the existing TCP/IP protocol of the Internet, and would be used
to disable or lock out other vendors' software, saying, "What IT manager in
his right mind -- what Microsoft in its right mind -- would roll that out?"

Palladium's challenge may be to provide sufficiently attractive security
enhancements without raising fears of remote-controlled PCs. "If you've got
the power to revoke a file because the user hasn't paid for it," said
Anderson, "you've got the power to do so even if they have."


-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list