A talk on Intellectual Property and National Defense

Adam Shostack adam at homeport.org
Tue Feb 4 10:26:24 EST 2003

I believe that DRM systems will require not just an authorized boot 
sequence, but a secure remote attestation that that boot sequence was 
followed, and a secure attestation as to the versions of the software 
on your system.  So, while a secure system is needed for AT/DRM, its
not enough. 

To expand a little: 

By authorized boot sequence, I mean that I can say only software
signed by one of these keys may load.  Without that, I, or an
attacker, can load arbitrary software.

By secure remote attestation I mean that the reference monitor has a
key, which can't be exported, which can sign attestations as to what
software keys are allowed to load sw on my system.  Without this, the
copyright contoller can't decide if they can rely on your system to
act as their agent.

Without software versioning attestation, I can just keep my vulnerable
copy of the OS around, root it, and run the software of my choice on
These are not requirements for me to control my own system, but they
are needed to prevent me from tinkering.


On Tue, Feb 04, 2003 at 09:29:34AM -0500, Dave Farber wrote:
| I sent this to my IP list. One of the major points I made here is that
| secure systems (and I am not calling Palladium a secure system) can host DRM
| software. So one can have secure systems in which case it will tape either
| law or strong market pressure to not have DRM else we can not have secure
| systems in which case DRM will most likely be broken endlessly.
| Comments?
| Dave
| Ps please excuse the inability to hear the questions from the floor, I
| recorded it will a small digital recorder on the podium.
| From: Dave Farber <dave at farber.net>
| Subject: [IP] Streaming REAL Audio now available of my HCSS speech with
| To: ip <ip at v2.listbox.com>
| Date: Wed, 29 Jan 2003 03:27:06 -0500
| Reply-To: dave at farber.net
| introduction by John Seely Brown
| There is Real audio version of my Distinguished Lecture
| given at the Hawaii International Conference on System Sciences
| this Jan in Kona,  Hawaii.
| The introduction was given by John Seely  Brown
| (great intro). The title is Intellectual Property and National Security.
| http://www.vortex.com/rmf/djf-hicss-2003.ram
| PowerPoint available on request.
| Enjoy,
| Dave
| ----------
| ---------------------------------------------------------------------
| The Cryptography Mailing List
| Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

"It is seldom that liberty of any kind is lost all at once."

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list