[11669] in cryptography@c2.net mail archive


Re: Cryptogram: Palladium Only for DRM

daemon@ATHENA.MIT.EDU (Ed Gerck)
Tue Sep 17 17:54:56 2002

Date: Tue, 17 Sep 2002 14:51:28 -0700
From: Ed Gerck <egerck@nma.com>
Cc: cryptography@wasabisystems.com


It may be useful to start off with the observation that Palladium will not be
the answer for a platform that *the user* can trust.  However, Palladium
should raise awareness on the issue of what a user can trust, and what not.
Since a controlling element has to lie outside the controlled system, the solution
for a trustworthy system is indeed an independent module with processing
capability -- but which module the user should be able to control.

This may be a good, timely opening for a solution in terms of a "write code"
approach, where an open source trustworthy (as opposed to trusted)
secure execution module TSEM (e.g., based on a JVM with permission
and access management) could be developed and -- possibly -- burned on a
chip set for a low cost system. The TSEM would require user-defined
signatures to define what is trustworthy to *the user*, which would set a higher
bar for security when compared with someone else defining what is
trustworthy to the user.  The TSEM could be made tamper-evident, too.

Note: This would not be in competition with NCipher's SEE, because NCipher's
product is for the high-end market and involves commercial warranties,
but NCipher's SEE module is IMO a good example.

Comments?

Ed Gerck



