Cryptogram: Palladium Only for DRM
AARG!Anonymous
remailer at aarg.net
Mon Sep 16 13:51:23 EDT 2002
Niels Ferguson writes:
> What Pd adds is to take control away from the user. It "allows" the
> user to give up part of his control over the machine, and give it to a
> program. This is of course required for DRM, but I cannot really think
> of any other application. They talked about some things like banking
> software, but that is just silly. We have perfectly good cryptography to
> handle those threats, and using Pd for banking would be very dangerous.
> After all, the Pd chip isn't protected against physical attacks, so you
> have to trust the owner of the computer anyway.
One likely use of Pd for banking software would be to use the "secure
vault" to lock up account number and password information. This would
ensure that no other software than the banking client could access this
data, so that if you got a virus it would not be able to empty your
banking account. And if the virus infected the banking client software
itself, that would change its hash which would keep it from being able
to access the data.
Also, Palladium's attestation feature can be used to let the remote bank
server check that the local client is clean and uninfected. This will
catch the case where a virus infects the client before it initially
creates the "vault".
Contrary to Niels Ferguson's comments, these kinds of applications
are far from silly. As we move into an era where more individuals use
electronic banking systems, we face the risk that viruses can inflict
serious financial costs on their victims. The next Nimda could empty
your bank account and transfer its entire contents irreversibly to an
overseas server. Given this threat, the defenses above seem not only
desirable, but absolutely necessary to protect people from massive theft
and fraud. Ordinary cryptography and CPU process architectures are not
enough to provide this type of security.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list