full-disk subversion standards released

Brian Gladman brg at gladman.plus.com
Mon Feb 2 17:07:51 EST 2009 

----- Original Message ----- 
From: "Jonathan Thornburg" <jthorn at astro.indiana.edu>
To: "Brian Gladman" <brg at gladman.plus.com>
Cc: "John Gilmore" <gnu at toad.com>; "Peter Gutmann" 
<pgut001 at cs.auckland.ac.nz>; <cryptography at metzdowd.com>; 
<smb at cs.columbia.edu>
Sent: Monday, February 02, 2009 3:53 AM
Subject: Re: full-disk subversion standards released

[snip]
> It's this variety of different software encryption schemes -- and
> compilers to turn them into binary code (which is what the NSA/Intel
> backdoor ultimately has to key on) that, I think, makes it so much
> harder for a hardware backdoor to work (i.e. to subvert software
> encryption) in this context.

I well understand the difficulties of mounting attacks but the fact remains 
that if someone else is able to take over _control_ of your machine you 
won't obtain any security irrespective of whether your interest is in 
network or storage encryption.

And _if_ Intel were to be interested in being able to take over your machine 
whenever it wished to do so -- which I don't believe it is -- subverting its 
processor designs to make this possible will be many, many orders of 
magnitude more effective than subverting the design of a TPM that 99.999...% 
of machines won't have.

I am personally happy to trust Intel and I am also happy to trust the design 
of the TPM I happen to use.  And it is completey useless for DRM provided 
only that Intel and the TPM supplier have not been subverted.

I simply don't believe that TPM's will ever achieve (or could ever have 
achieved) the widespread adoption that effective DRM demands and I don't 
personally believe that such applications ever played much part in the 
design.   But _provided_ the hardware suppplier can be trusted, hardware 
based security is able to achieve a much higher level of assurance than pure 
software ever can.    TPMs are hence useful in custom security applications 
and I am personally much more confident in my security using my TPM based 
solution than if I would be if I were relying on a pure software approach.

I am _not_ advocating TPM technology since I doubt its general utility for 
widespread adoption but I reject the idea that TPMs are part of an evil plot 
to infect the world with DRM.

    Brian Gladman

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list