Overcoming the potential downside of TCPA

Ben Laurie ben at algroup.co.uk
Wed Aug 14 18:58:44 EDT 2002


Joseph Ashwood wrote:
> ----- Original Message -----
> From: "Ben Laurie" <ben at algroup.co.uk>
> 
>>Joseph Ashwood wrote:
>>
>>>There is nothing stopping a virtualized version being created.
>>
> 
>>What prevents this from being useful is the lack of an appropriate
>>certificate for the private key in the TPM.
> 
> 
> Actually that does nothing to stop it. Because of the construction of TCPA,
> the private keys are registered _after_ the owner receives the computer,
> this is the window of opportunity against that as well. The worst case for
> cost of this is to purchase an additional motherboard (IIRC Fry's has them
> as low as $50), giving the ability to present a purchase. The
> virtual-private key is then created, and registered using the credentials
> borrowed from the second motherboard. Since TCPA doesn't allow for direct
> remote queries against the hardware, the virtual system will actually have
> first shot at the incoming data. That's the worst case. The expected case;
> you pay a small registration fee claiming that you "accidentally" wiped your
> TCPA. The best case, you claim you "accidentally" wiped your TCPA, they
> charge you nothing to remove the record of your old TCPA, and replace it
> with your new (virtualized) TCPA. So at worst this will cost $50. Once
> you've got a virtual setup, that virtual setup (with all its associated
> purchased rights) can be replicated across an unlimited number of computers.
> 
> The important part for this, is that TCPA has no key until it has an owner,
> and the owner can wipe the TCPA at any time. From what I can tell this was
> designed for resale of components, but is perfectly suitable as a point of
> attack.

If this is true, I'm really happy about it, and I agree it would allow 
virtualisation. I'm pretty sure it won't be for Palladium, but I don't 
know about TCPA - certainly it fits the bill for what TCPA is supposed 
to do.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

Available for contract work.

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com



More information about the cryptography mailing list