[open-source] Open Source TCPA driver and white papers
Ben Laurie
ben at algroup.co.uk
Thu Jan 23 10:06:53 EST 2003
Douglas Lee Schales wrote:
> In reply to your message dated: Wed, 22 Jan 2003 13:09:30 EST
>
> This is has descended into the ridiculous. TCPA has been tossed about
> as being a great coming evil, the end of the open computing world. We
> finally get some technical information published about TCPA that's not
> only of keen interest to the Open Source community, but also of use
> (source code).
>
> The only result of this publication is an inane discussion about the
> use of "hacker" vs "cracker".
>
> Get a grip... discuss the technical content!
Actually, I think its important to be clear about the differences
between TCPA and Palladium. It seems quite obvious that _this version_
of TCPA is not designed (unlike Palladium) to provide DRM, though it is
equally clear that they've failed to point out the obvious attack (which
is to intercept the content once it has been decrypted, an attack
Palladium explicitly defends against). In the meantime, the arguments
"demonstrating" their weakness as a DRM platform are rather unsound.
They make two main points:
1. Variations in BIOS, OS and application will render it impossible to
check PCR values. However, this argument also renders the chip useless
for its intended purpose (i.e. if the PCR values change, you can no
longer unseal your keys!).
2. The chip is vulnerable to power analysis and other advanced trickery.
This may be true, but is quite probably not in reach of the ordinary user.
So, one must wonder why they mention these points but not the easy
attack (snarf the content after decryption)? Presumably because they
intend to close that at some point in the future, so using it as a
defence now would be bad. Of course, once that hole is closed TCPA _is_
Palladium.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list