example: secure computing kernel needed

John S. Denker jsd at av8n.com
Wed Dec 10 12:02:46 EST 2003


Previous discussions of secure computing technology have
been in some cases sidetracked and obscured by extraneous
notions such as
  -- Microsoft is involved, therefore it must be evil.
  -- The purpose of secure computing is DRM, which is
     intrinsically evil ... computers must be able to
     copy anything anytime.

Now, in contrast, here is an application that begs for
a secure computing kernel, but has nothing to do with
microsoft and nothing to do with copyrights.

Scenario:  You are teaching chemistry in a non-anglophone
country.  You are giving an exam to see how well the
students know the periodic table.
  -- You want to allow students to use their TI-83 calculators
     for *calculating* things.
  -- You want to allow the language-localization package.
  -- You want to disallow the app that stores the entire
     periodic table, and all other apps not explicitly
     approved.

The hardware manufacturer (TI) offers a little program
that purports to address this problem
   http://education.ti.com/us/product/apps/83p/testguard.html
but it appears to be entirely non-cryptologic and therefore
easily spoofed.

I leave it as an exercise for the reader to design a
calculator with a secure kernel that is capable of
certifying something to the effect that "no apps and
no data tables (except for ones with the following
hashes) have been accessible during the last N hours."

Note that I am *not* proposing reducing the functionality
of the calculator in any way.  Rather I am proposing a
purely additional capability, namely the just-mentioned
certification capability.

I hope this example will advance the discussion of secure
computing.  Like almost any powerful technology, we need
to discuss
  -- the technology *and*
  -- the uses to which it will be put
... but we should not confuse the two.


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list