Cryptogram: Palladium Only for DRM
Nomen Nescio
nobody at dizum.com
Wed Sep 18 20:10:06 EDT 2002
Peter Biddle writes:
> Pd is designed to fail well - failures in SW design shouldn't result in
> compromised secrets, and compromised secrets shouldn't result in a BORE
> attack.
Could you say something about the sense in which Palladium achieves
BORE ("break once run everywhere") resistance? It seems that although
Palladium is supposed to be able to provide content security (among
other things), a broken Palladium implementation would allow extracting
the content from the "virtual vault" where it is kept sealed. In that
case the now-decrypted content can indeed run everywhere.
This seems to present an inconsistency between the claimed strength of the
system and the description of its security behavior. This discrepancy
may be why Palladium critics like Ross Anderson charge that Microsoft
intends to implement "document revocation lists" which would let Palladium
systems seek out and destroy illicitly shared documents and even programs.
Some have claimed that Microsoft is talking out of both sides of its
mouth, promising the content industry that it will be protected against
BORE attacks, while assuring the security/privacy community that the
system is limited in its capabilities. If you could clear up this
discrepancy that would be helpful. Thanks...
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list