[11049] in cryptography@c2.net mail archive


Re: Ross's TCPA paper

daemon@ATHENA.MIT.EDU (Hadmut Danisch)
Thu Jul 4 17:34:48 2002

From: Hadmut Danisch <hadmut@danisch.de>
Date: Thu, 4 Jul 2002 22:54:11 +0200
To: Bill Stewart <bill.stewart@pobox.com>
Cc: Lucky Green <shamrock@cypherpunks.to>,
	daw@mozart.cs.berkeley.edu, cypherpunks@einstein.ssz.com,
	cryptography@wasabisystems.com
In-Reply-To: <5.1.1.6.2.20020703225147.0b94ecd0@idiom.com>

On Wed, Jul 03, 2002 at 10:54:43PM -0700, Bill Stewart wrote:
> At 12:59 AM 06/27/2002 -0700, Lucky Green wrote:
> >I fully agree that the TCPA's efforts offer potentially beneficial
> >effects. Assuming the TPM has not been compromised, the TPM should
> >enable to detect if interested parties have replaced your NIC with the
> >rarer, but not unheard of, variant that ships out the contents of your
> >operating RAM via DMA and IP padding outside the abilities of your OS to
> >detect.
> 
> It can?  I thought that DMA was there to let you avoid
> bothering the CPU.  The Alternate NIC card would need to have a
> CPU of its own to do a good job of this, but that's not hard.

I don't think so. As far as I understood, the 
bus system (PCI,...) will be encrypted as well. You'll have
to use a NIC which is certified and can decrypt the information
on the bus. Obviously, you won't get a certification for such
a network card.


But this implies other problems:

You won't be able to enter a simple shell script through the
keyboard. If so, you could simply print protected files as
a hexdump or use the screen (or maybe the sound device or any
LED) as a serial interface.

Since you could use the keyboard to enter a non-certified
program, the keyboard is to be considered as a nontrusted
device. This means that you either

* have to use a certified keyboard which doesn't let 
  you enter bad programs

* don't have a keyboard at all

* or are not able to use shell scripts (at least not in
  trusted context). This means a 
  strict separation between certified software and data.
  
  If Microsoft was able to do so, we wouldn't have 
  worms.



Hadmut




---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
