[4098] in cryptography@c2.net mail archive
Re: Cryptoprocessors and reverse engineering
daemon@ATHENA.MIT.EDU (Martin Minow)
Fri Jan 29 13:43:05 1999
In-Reply-To: <199901290401.UAA15794@toad.com>
Date: Fri, 29 Jan 1999 09:50:19 -0800
To: John Gilmore <gnu@toad.com>, Markus Kuhn <Markus.Kuhn@cl.cam.ac.uk>,
decius@bleeding.edge.net
From: Martin Minow <minow@pobox.com>
Cc: cryptography@c2.net, gnu@toad.com
At 8:01 PM -0800 1/28/99, John Gilmore wrote:
>
>The opportunity to reverse-engineer in order to get past a deliberate
>software monopoly lock-up is critical. Remove this from computer
>architectures at your peril.
>
About a year ago, someone from Intel presented their thinking about
security at an Oakland Cypherpunks meeting. My take from his presentation
is that, in the medium to long term, a chip manufacturer can put a key
and the necessary cryptographic infrastructure in the instruction decoder
of a microcomputer (and, if they did it right, there would be no significant
performance impact). This would let a vendor bind their application to
a specific CPU: the application would have limited "demo" functionality
when it was purchased. To unlock the full application, you would
connect to the vendor's server, provide the chip ID, and receive
the necessary modules compiled for your particular chip -- and only
that specific chip. This essentially puts the "dongle" inside
the processor.
Mathematica does something similar, using other "system-unique"
information to bind the application to a specific machine.
This is, of course, another argument *for* open source software.
Martin Minow
minow@pobox.com
