Skeleton Keys for Palladium Locks.

bear bear at sonic.net
Fri Aug 2 12:55:00 EDT 2002



It occurs to me that the Palladium architecture relies on control
of the data paths between the memory and CPU.

In order to spoof it and read Palladium-protected content, all I
have to do is provide another path in and out of memory.

Dual-ported memory has been manufactured for video and DSP systems
for decades, and is frequently faster than that used for main
memory.

It should be possible to construct a memory unit ("skeleton key")
using dual-ported memory, which looks to the Palladium motherboard
exactly like an ordinary memory module.  The second memory port
would be hooked up to a simple hardware "blitter" -- a standard
video-system chip that scans through the bits on the memory chip
and writes them to another memory chip, or other device.

The skeleton key would have exactly two control inputs: The first
would cause the data in memory to be copied "out" of the
Palladium-controlled architecture.  The second would cause the
memory that had been copied "out" to be copied back in.  You
could hook them up to the two positions of a double-throw switch
on the front of the case if you liked, so they'd require no
software which could be detected by the Palladium motherboard.

Now, with appropriate selection of devices so that data stored
on the skeleton keys are persistent across boots, Palladium
control is circumvented. That requires a battery, but no big
deal; you can mount the battery with the switch.

The skeleton key module, if fabbed in bulk, would (wild guess
alert) probably cost about ten times what ordinary memory modules
cost. It is a simple device with a schematic that someone could
work out in an afternoon, far simpler than a PCI card. I could
have a working mask for you within a week. It could be fabbed
by a very small shop, using ordinary chips and PCB boards.

Now, I have chosen the name "skeleton key" advisedly.  Skeleton
keys are perfectly legal, necessary tools that every locksmith
must own in order to do business.  There is a legitimate market
for them, and if they were unavailable, nobody could afford the
risk of locking stuff up in a hard safe because they might not
be able to unlock it if they lose their key (if their hardware
fails or a drive crashes). Similarly, in a world where the
"locks" look like the proposed Palladium architecture, then
every "Locksmith" is going to have to have some skeleton keys
in his or her toolbox, just in order to do legitimate business.


				Bear







---------------------------------------------------------------------
The Cryptography Mailing List