Ross's TCPA paper
Hadmut Danisch
hadmut at danisch.de
Thu Jul 4 16:54:11 EDT 2002
On Wed, Jul 03, 2002 at 10:54:43PM -0700, Bill Stewart wrote:
> At 12:59 AM 06/27/2002 -0700, Lucky Green wrote:
> >I fully agree that the TCPA's efforts offer potentially beneficial
> >effects. Assuming the TPM has not been compromised, the TPM should
> >enable to detect if interested parties have replaced your NIC with the
> >rarer, but not unheard of, variant that ships out the contents of your
> >operating RAM via DMA and IP padding outside the abilities of your OS to
> >detect.
>
> It can? I thought that DMA was there to let you avoid
> bothering the CPU. The Alternate NIC card would need to have a
> CPU of its own to do a good job of this, but that's not hard.

I don't think so. As far as I understood, the
bus system (PCI,...) will be encrypted as well. You'll have
to use a NIC which is certified and can decrypt the information
on the bus. Obviously, you won't get a certification for such
a network card.

But this implies other problems:

You won't be able to enter a simple shell script through the
keyboard. If so, you could simply print protected files as
a hexdump or use the screen (or maybe the sound device or any
LED) as a serial interface.

Since you could use the keyboard to enter a non-certified
program, the keyboard is to be considered as a nontrusted
device. This means that you either

* have to use a certified keyboard which doesn't let
  you enter bad programs
* don't have a keyboard at all
* or are not able to use shell scripts (at least not in
  trusted context). This means a
  strict separation between certified software and data.

If Microsoft was able to do so, we wouldn't have
worms.
Hadmut
---------------------------------------------------------------------
The Cryptography Mailing List