Cryptogram: Palladium Only for DRM
David Wagner
daw at mozart.cs.berkeley.edu
Mon Sep 16 14:45:25 EDT 2002
AARG!Anonymous wrote:
>One likely use of Pd for banking software would be to use the "secure
>vault" to lock up account number and password information. This would
>ensure that no other software than the banking client could access this
>data, so that if you got a virus it would not be able to empty your
>banking account. And if the virus infected the banking client software
>itself, that would change its hash which would keep it from being able
>to access the data.
I'm a little confused on this point. Does Palladium really check the
hash on running software? I was under the impression that any hashes
would be computed only when the banking software was loaded. If this
is the case, then a virus could simply infect the software after it
has been loaded from disk. In other words, the virus could attack the
in-memory image rather than the disk image. Probably the Palladium
designers have noticed this. What defenses does Palladium incorporate
against this sort of attack?
>Ordinary cryptography and CPU process architectures are not
>enough to provide this type of security.
Standard process separation, sandboxes, jails, virtual machines, or other
forms of restricted execution environments would suffice to solve this
problem. There is no need for remote attestation, for the DRM-enabling
features of Palladium, or for its other features that could be used to
take away control from the owner of the machine. A banking application
is a great example where the user's and the bank's interests are aligned,
and hence there is no need for physical security or for a semi-coercive
infrastructure for taking control away from the owner of the machine.
It's only the fact that today's OS's aren't very good at providing process
separation that prevents us from deploying comparable defenses today.
If security for banking applications was really the goal, why tack on
these controversial DRM-enablers?
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list