[14906] in cryptography@c2.net mail archive


example: secure computing kernel needed

daemon@ATHENA.MIT.EDU (John S. Denker)
Thu Dec 11 19:09:21 2003

X-Original-To: cryptography@metzdowd.com
Date: Wed, 10 Dec 2003 12:02:46 -0500
From: "John S. Denker" <jsd@av8n.com>
To: cryptography@metzdowd.com
In-Reply-To: <3F4CE672.5040106@av8n.com>

Previous discussions of secure computing technology have
been in some cases sidetracked and obscured by extraneous
notions such as
  -- Microsoft is involved, therefore it must be evil.
  -- The purpose of secure computing is DRM, which is
     intrinsically evil ... computers must be able to
     copy anything anytime.

Now, in contrast, here is an application that begs for
a secure computing kernel, but has nothing to do with
Microsoft and nothing to do with copyrights.

Scenario:  You are teaching chemistry in a non-anglophone
country.  You are giving an exam to see how well the
students know the periodic table.
  -- You want to allow students to use their TI-83 calculators
     for *calculating* things.
  -- You want to allow the language-localization package.
  -- You want to disallow the app that stores the entire
     periodic table, and all other apps not explicitly
     approved.

The hardware manufacturer (TI) offers a little program
that purports to address this problem
   http://education.ti.com/us/product/apps/83p/testguard.html
but it appears to be entirely non-cryptologic and therefore
easily spoofed.

I leave it as an exercise for the reader to design a
calculator with a secure kernel that is capable of
certifying something to the effect that "no apps and
no data tables (except for ones with the following
hashes) have been accessible during the last N hours."

Note that I am *not* proposing reducing the functionality
of the calculator in any way.  Rather I am proposing a
purely additional capability, namely the just-mentioned
certification capability.

I hope this example will advance the discussion of secure
computing.  Like almost any powerful technology, we need
to discuss
  -- the technology *and*
  -- the uses to which it will be put
... but we should not confuse the two.


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
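
Added example, not part of the original post and not TI's code: a minimal Python sketch of the certification statement the message asks for ("no apps and no data tables, except ones with the following hashes, have been accessible during the last N hours"). The `Kernel` class, the HMAC key standing in for a signing key held inside the device, and the sample blobs are all assumptions constructed for illustration.

```python
import hashlib, hmac, json

KEY = b"constructed-demo-key"              # constructed; stands in for a key sealed in the kernel
LOCALE = b"language-localization package"  # constructed sample app images
TABLE = b"periodic table app"

def digest(blob: bytes) -> str:
    return hashlib.sha256(blob).hexdigest()

def mac(key: bytes, body: dict) -> str:
    # HMAC is a stand-in here; a real device would sign with a private key.
    return hmac.new(key, json.dumps(body, sort_keys=True).encode(), hashlib.sha256).hexdigest()

class Kernel:
    """Toy trusted kernel: records every app or data table it makes accessible."""
    def __init__(self, key: bytes, boot_time: int):
        self._key, self._boot = key, boot_time
        self._items = {}                   # sha256 -> removal time (None = still present)

    def install(self, blob: bytes) -> None:
        self._items[digest(blob)] = None

    def remove(self, blob: bytes, now: int) -> None:
        self._items[digest(blob)] = now

    def attest(self, nonce: str, hours: int, now: int) -> dict:
        since = now - hours * 3600
        if since < self._boot:             # never claim more history than the log holds
            raise ValueError("log does not cover the requested window")
        # Accessible in the window: still present, or removed after the window began.
        seen = sorted(d for d, gone in self._items.items() if gone is None or gone >= since)
        body = {"nonce": nonce, "since": since, "until": now, "accessible": seen}
        return {"body": body, "tag": mac(self._key, body)}

def verify(report: dict, key: bytes, nonce: str, exam_start: int, approved: set) -> bool:
    body = report["body"]
    return (hmac.compare_digest(mac(key, body), report["tag"])  # statement is authentic
            and body["nonce"] == nonce                          # fresh, not a replayed report
            and body["since"] <= exam_start                     # window covers the whole exam
            and set(body["accessible"]) <= approved)            # nothing outside the allowlist
```

The examiner supplies a fresh nonce at the end of the exam and accepts the calculator only if `verify` returns True for the approved hash set.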
