Ross's TCPA paper

Hadmut Danisch hadmut at danisch.de
Fri Jul 5 07:31:48 EDT 2002


On Fri, Jul 05, 2002 at 03:52:52AM -0700, Seth David Schoen wrote:
> 
> memory protection and monitor or control an arbitrary process. In
> Palladium, if a system is started in a trusted mode, not even the OS
> kernel will have access to all system resources. 

That *might* be a contradiction in terms.

If I understand this correctly, the TCPA or Palladium hardware 
will include some kind of memory management device, very similar
to the ones we have in hardware of the last years, but which stores
some kind of de-/encryption information for each page segment and
which de-/encrypts every memory access. Doesn't seem to be much of
a problem, except for speed.

But how does this device know which segments belong to the software
and which don't? Or how does it know whether an allowed or foreign task
is accessing the protected areas (which is the same question again,
= is the PC in a program segment which also belongs to the protected
area). 

If this is done the simple way, like a normal OS configures the
memory management when loading some executable software, the OS
might at any time give wrong information to the device. In this case, 
the security depends on the integrity and bug-freeness of the 
OS, because the OS _could_ do it, but it is not supposed to do it.

A more advanced way would be to have the program loaded by the 
operating system as before, but to have the Palladium device check
some kind of signature to verify the correctness of the 
OS loading operation. This might lead to uncontrollable 
problems, if programs start to load DLLs. Is the TCPA/Palladium
trust transitive? If library A is trusted, and so is B, is then
(A+B) trusted?

A third way would be to keep the OS completely out of the job
of loading software/programs into memory, and to have it done
by the Palladium device. This isn't actually a third way, but
a redefinition of terms and a migration. The OS isn't the OS
anymore, because basic tasks of the OS have been migrated to
the Palladium device, which is now to be considered as a
piece of OS in silicon.

I didn't find the time yet to read the TCPA description in 
detail. But from my current point of view I doubt that this
will really work, provide the claimed security, and will still
be a useful computer at the same time.

I especially doubt that the same company, which completely fails to
make Outlook or Internet Explorer resistant against 
content attacks (viruses, worms, ...) will be able to provide
software with such a strict separation between trusted and untrusted
data, as it is required for such a project to work.



regards
Hadmut

---------------------------------------------------------------------
The Cryptography Mailing List