Interview with Glenn Henry, founder of VIA processor subsidiary Centaur (fwd from eugen at leitl.org)

Eugen Leitl eugen at leitl.org
Wed Jun 16 08:27:46 EDT 2004


From: Eugen Leitl <eugen at leitl.org>
Subject: Interview with Glenn Henry, founder of VIA processor subsidiary CeTo: cypherpunks at al-qaeda.net
Date: Tue, 15 Jun 2004 18:51:21 +0200


http://linuxdevices.com/articles/AT2656883479.html

[ker-snip]

The third one, is one you haven't asked me about, this is actually my pet
hobby, here -- we've added these fully sophisticated and very powerful
security instructions into the...

Q19: That was my last question!

A19: So the classic question is, hey, you built some hardware, who's going to
use it? Well, the answer is, six months after we first started shipping our
product with encryption in it [story], we have three or four operating
systems, including Linux, OpenBSD, and FreeBSD, directly supporting our
security features in the kernel.

Getting support that quickly can't happen in the Microsoft world. Maybe
they'll support it someday, maybe they won't. Quite honestly, if you want to
build it, and hope that someone will come, you've got to count on something
like the free software world. Free software makes it very easy for people to
add functionality. You've got extremely talented, motivated people in the
free software world who, if they think it's right to do it, will do it. That
was my strategy with security.

We didn't have to justify it, because it's my hobby, so we did it. But, it
would have been hard to justify these new hardware things without a software
plan. My theory was simple: if we do it, and we do it right, it will appeal
to the really knowledgeable security guys, most of whom live in the free
software world. And those guys, if they like it, and see it's right, then
they will support it. And they have the wherewithal to support it, because of
the way open software works.

So those are my three themes, ignoring the fourth one, that's obvious: that
without competition, Windows would cost even more. To summarize, for our
business, [Linux is] important because it allows us to build lower-cost PC
platforms, it allows people to build new, more sophisticated embedded
applications easier, and it allows us, without any software costs, to add new
features that we think are important to the world.

Our next processor -- I haven't ever told anyone, so I won't say what it is
-- but our next processor has even more things in it that I think will be
just as quickly adopted by the open source software world, and provide even
more value.

It's always bothered me that hardware can do so many things relatively easily
and fast that aren't done today because there's no software to support it. We
just decided to try to break the mold. We were going to do hardware that,
literally, had no software support at the start. And now the software is
there, in several variations, and people are starting to use it. I actually
think that's only going to happen in the open source world.

Q20: We'd like a few words from you about your security strategy, how you've
been putting security in the chips, and so on.

A20: Securing one's information and data is sort of fundamental to the human
need -- it's certainly fundamental to business needs. With the current world,
in which everyone's attached to the Internet -- with most peoples' machines
having back-door holes in them, whether they know it or not -- and with all
the wireless stuff going on, people's data, whether they know it or not, is
relatively insecure.

The people who know that are using secure operating systems, and they're
encrypting their data. Encrypting of data's been around for a long time. We
believe, though, that this should be a pervasive thing that should appear on
all platforms, and should be built into all things.

It turns out, though, that security features are all computationally
intensive. That's what they do. They take the bits and grind them up using
computations, in a way that makes it hard to un-grind them.

So, we said, they're a perfect candidate for hardware. They're well-defined,
they're not very big, they run much faster in hardware than in software -- 10
to 30 times, in the examples we use. And, they are so fundamental, that we
should add the basic primitives to our processor.

How did we know what to add? We added government standards. The U.S.
government has done extensive work on standardizing the encryption protocols,
secure digital signature protocols, secure hash protocols. We used the most
modern of government standards, built the basic functions into our chip, and
did it in such a way that made it very easy for software to use.

Every time you send an email, every time you send a file to someone, that
data should be encrypted. It's going out on the Internet, where anyone with
half a brain can steal it.

Second, if you really care about not letting people have access to certain
data that's on your hard drive, it ought to be encrypted, because half the
PCs these days have some, I don't know what the right word is, some "spy"
built into it, through a virus or worm, that can steal data and pass it back.
You'll never get that prevented through operating system upgrades.

I do have some background, sort of, in security: it's always been my hobby.
The fundamental assumption you should make is, assume that someone else can
look at what you're looking at. In other words, don't try to protect your
data by assuming that no one's going to come steal your hard drive, or no one
can snoop through a backdoor in Windows. You protect your data by saying,
"Even if they can see the data, what good is it going to do them?"

We think this is going to be a pervasive need. The common if-you-will
person's awareness of worms and viruses has gone up a million percent in the
last few years, based on all the problems. The awareness of the need to
protect data is going to go up substantially, too.

We're doing more than encryption, though. There's another need, which is
coming, related to message authentication and digital signatures.

We're encrypting all the time. Every time you buy something over the Web,
your order is encrypted. So there is encryption going on already. But the
next major thing -- and this is already done in the high-security circles of
banks -- is message authentication through digital signatures. How do you
know someone didn't intercept that order, and they're sending in their own
orders using your credit card number? How do you know, when you get a message
from somebody, that they didn't substitute the word "yes" for "no," things
like that? These are very important in the world of security. They're well
understood in the government world, or the high-security world, and there are
government standards on how you do these things. They are called secure
hashes, and things like that. So we've added features for those.

To summarize, the things we've added fall into three categories. One is a
good hardware random number generator. That was actually the first thing, and
that's actually one of the hardest things to do. It sounds trivial, but it's
actually very hard to generate randomness, with any kind of process. It needs
to be done in hardware. Software cannot generate random numbers that pass the
tests that the government and others define.

The second thing we did is a significant speedup in the two basic forms of
encryption. One's called symmetric key encryption, and the government
standard is AES, which is a follow-on to a thing called DES. So we do AES
encryption very fast. The other form of encryption that's widely used is
public key encryption, and the most common form there is a thing called RSA.
That's what's being used, you know, for secure Web transactions. We think
we're the only people who've done this: we added instructions in our new
processor that's coming to speed up RSA.

The third thing we've done is added what's called a secure hash algorithm.
Again, it's a government standard. Its used for message authentication and
digital signatures. It deals with the issue, if you send me an email, how do
I know that the email I got was the one you sent? That it wasn't intercepted
and changed? And more fundamentally, how do I know that it actually came from
you? Anyone can put their name, in our world, on that email. Things like
that. So there's got to be some code in that email that I can look at, and
know that only you could have sent it. I can explain this more if you want to
know.

Q21: That's probably sufficient. We're looking more for the strategy.

A21: Okay, let me back up. Our strategy was, assuming that we believe that
security is fundamental and ought to be there, to define the primitive
operations that need to be done as the building blocks of security. Those we
put into hardware. We're not trying to impose a particular, I don't know,
protocol or use. We're just making available the tools. We're doing it for
free. The tools are in the processors, at no extra price. They don't require
any OS support, no kernel support, no device drivers. It's getting into the
kernels of BSD and Linux, but applications can directly use the features
[even without kernel support], and the hardware takes care of the
multitasking aspects.

The two guys who worked on it with me are both heavy Linux users. They wrote
to friends in the security and Linux communities. Very little marketing money
was spent.

When the security press release went out, at the Embedded Processor Forum, it
had three key quotes, real quotes. Not quotes written by PR managers. My
quote was written by a PR manager, but the others weren't. All three were big
names in the security world, and all were saying good stuff.

Q22: Beyond security, are other cool features planned?

A22: The next chip has some tools to do computationally intensive things
where hardware provides a big advantage. But I don't want to say yet what
they are.

Q23: Would they be useful for multimedia?

Yes, for multimedia, and for other things.

Q24: Like a DSP?

A24: Kind of like that.

Q25: Okay, we won't push. We appreciate you taking the time to speak with us.
We can't imagine getting the president of AMD or Intel to do this.

A25: Our whole strategy is so close to the, if you will, the fate of Linux.
We identify so much with it. We're low-cost, aimed at the common person,
we're aimed at new applications, and we don't have any massive PR or
marketing or sales budget, so. Actually, I have a special softness in my
heart for Linux. I think without Linux our business would be much less than
what it is today. It's just very important to us, so, I wanted to give you
guys the time.

About the Interviewee

Glenn Henry is the founder and president of Centaur Technology. Throughout
his career, he has played an integral role in the development of the U.S.
computer industry.

Prior to founding Centaur in April 1995, Henry served as a consultant to MIPS
Technology (SGI) for one year. From 1988 to 1994 he was Chief Technology
Officer and Senior Vice President of the Product Group at Dell Computer
Corporation. As Senior VP, he was responsible for all product development
activities and, at various times, also responsible for product marketing,
manufacturing, procurement, information systems, and technical support.

Before his tenure at Dell, Henry served 21 years with IBM. He was the
instigator, lead architect, and development manager responsible for the IBM
System/32, System38 (forerunner of AS/400), and RT/PC (forerunner of Power
systems). In 1985, he was appointed an IBM Fellow.

-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07078, 11.61144            http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
http://moleculardevices.org         http://nanomachines.net



----------

-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07078, 11.61144            http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
http://moleculardevices.org         http://nanomachines.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20040616/fb91ee0f/attachment.pgp>


More information about the cryptography mailing list