Palladium: technical limits and implications
Ben Laurie
ben at algroup.co.uk
Mon Aug 12 08:52:39 EDT 2002
AARG!Anonymous wrote:
> Adam Back writes:
>
>>I have one gap in the picture:
>>
>>In a previous message in this Peter Biddle said:
>>
>>
>>>In Palladium, SW can actually know that it is running on a given
>>>platform and not being lied to by software. [...] (Pd can always be
>>>lied to by HW - we move the problem to HW, but we can't make it go
>>>away completely).
>>
>
> Obviously no application can reliably know anything if the OS is hostile.
> Any application can be meddled with arbitrarily by the OS. In fact
> every bit of the app can be changed so that it does something entirely
> different. So in this sense it is meaningless to speak of an app that
> can't be lied to by the OS.
>
> What Palladium can do, though, is arrange that the app can't get at
> previously sealed data if the OS has meddled with it. The sealing
> is done by hardware based on the app's hash. So if the OS has changed
> the app per the above, it won't be able to get at old sealed data.
I don't buy this: how does Palladium know what an app is without the OS'
help?
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
Available for contract work.
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list