full-disk subversion standards released

David G. Koontz david_koontz at xtra.co.nz
Sat Jan 31 21:33:54 EST 2009


Peter Gutmann wrote:
> John Gilmore <gnu at toad.com> writes:
> 
>> The theory that we should build "good and useful" tools capable of monopoly
>> and totalitarianism, but use social mechanisms to prevent them from being
>> used for that purpose, strikes me as naive.
> 
> There's another problem with this theory and that's the practical
> implementation issue.  I've read through... well, at least skimmed through the
> elephantine bulk of the TCG specs, and also read related papers and
> publications and talked to people who've worked with the technology, to see
> how I could use it as a crypto plugin for my software (which already supports
> some pretty diverse stuff, smart cards, HSMs, the VIA Padlock engine, ARM
> security cores, Fortezza cards (I even have my own USG-allocated Fortezza ID
> :-), and in general pretty much anything out there that does crypto in any
> way, shape, or form).  However after detailed study of the TCG specs and
> discussions with users I found that the only thing you can really do with
> this, or at least the bits likely to be implemented and supported and not full
> of bugs and incompatibilities, is DRM.
> 

You could note a certain overlap between the promoters of Digital Content
Protection and the Trusted Computing Group:

http://www.digital-cp.com/about_dcp
Nearly 400 leading companies license the technology, including the following:

  Semiconductor:          PC Companies:     Consumer Electronics:
    AMD                     HP                Panasonic
    Analog Devices          Microsoft         Samsung
    Intel                   Lenovo            Sony
    Silicon Image                             Toshiba
https://www.trustedcomputinggroup.org/about/members/

Current Members

  Promoter:
    AMD
    Fujitsu Limited
    Hewlett-Packard
    IBM
    Infineon
    Intel Corporation
    Lenovo Holdings Limited
    Microsoft
    Seagate Technology
    Sun Microsystems, Inc.
    Wave Systems

  Contributor (excerpt):
    ...
    Panasonic
    ...
    Samsung Electronics Co.
    ...
    Sony Corporation
    ...
    Toshiba Corporation

The costs and economy of scale say at some point all the disk drives will be
capable of FDE, whether or not it is enabled (whether or not you pay for the
'extra' feature).  The distinction is the added cost of testing the
encryption versus the cost of two different testing regimes, when silicon is
typically pin bound defining area and cost.   The same integration cost
advantages make the likes of HDMI close to zero cost to the television media
consumer.

Enterprise 'platform owners' have the capability of assuming control of the
attestation chain, while 'personal computing' might have few opportunities
other than to allow the likes of an operating system vendor to provide
control 'in loco parentis' for the naive consumer.  Loss of control of
personal computing would come about by seduction - the offer of benefits in
exchange for more of the camel edging under the tent skirt.  More's the pity
if it offers competitive advantage excluding open source.  You'd think video
content providers would be anxious for a way to provide secure delivery of
content via download.  Being able to stick video onto a disk protected by a
plus thirteen Mage DMCA spell would be a definite benefit.

I'd also imagine we'll see vulnerabilities that will allow content recovery.
Getting 'secure' computing requires a secure operating system.  Building a
computer secure against end user tampering would incur high adoption costs
that wouldn't be supportable in the marketplace.  To borrow and mutilate a
turn of phrase from Bruce, what we get is Kabuki security theater with the
commensurate tendency toward prostitution.

All that said and done, people may still well end up with better security -
data encrypted at rest.  I'd think fighting DRM would be a separate battle
from opposing FDE.  It may be worthwhile to show systemic vulnerabilities
that despite the encryption endanger 'content protection', because
while DRM's proponents like to provide a stylized threat model the real
world doesn't match up.   The enterprise is able to leverage further
behavioral limits on users' actions during platform operation and the Trusted
Computing threat model allows users within the cryptographic boundary
(undoubtedly due to the cost of exclusion).  Additional behavioral limits
aren't available for the DRM usage model, and there is nothing stopping the
malevolent end user from monitoring unencrypted data from a drive for example.

Trusted Computing may never be suitable for DRM either.  I'd expect an
enterprise would field a carefully selected configuration that they could
manage to make work for their purposes.   DRM has to work for any
configuration.  Portability for Trusted Computing may require
virtualization.  The TCG threat model may still prevent DRM from being
anywhere near absolute in a virtualized environment.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
