Re: Restricted storage

[Jonathan S. Shapiro]

On Tue, 2006-06-06 at 17:29 +0200, Michal Suchanek wrote:
> On 6/1/06, Jonathan S. Shapiro <address@hidden> wrote:
> > On Thu, 2006-06-01 at 22:26 +0200, Michal Suchanek wrote:
> > > I would say that in the other case the TC is the weak link....
> >
> > What empirical evidence can you offfer to support this assumption? It
> > seems very unlikely on many grounds.
> 
> In the end, the TC keys are still managed by an administrator. The set
> of reliable administrators is zero (you said that :).

Actually, this need not be true. It is possible (on top of TC) to
construct a keying system in which the administrator does not manage the
keys -- or at least: can manage them only in "opaque" form in a way that
does not permit them to be used or inspected.

> Even if you verify some chips, there is no guarantee that they will not
> - start producing a new revision
> - give away keys to sign something else than the chips

There is no "guarantee". However, the financial incentives *not* to do
this are *extremely* powerful.

One of the recurring problems with security schemes in general is
incentives. In practice, they often rely on some party to preserve some
property or secret, but in reality it is not financially in the
interests of that party to actually preserve it. At best, people get
lazy about such commitments. At worst, they break them explicitly.

One of the things about TC that is good (from an engineering
perspective) is that the financial incentives of the TC chip vendors
align with the protection that the TC vendors must preserve.

I'm not saying "TC is good" here. I'm simply saying that this particular
aspect of TC was engineered well and realistically.

> Plus there is the problem of signing all those chips. How whould an US
> chip maufacturer manage that? Will they have the chips signed in
> Taiwan and China, or will they first get all the zillions of chips
> transported to the US and sign them there?

The chips are not signed, so this is not an issue.

> Now in case of TC it either works for everybody or it fails for
> everybody (or at least a substantial part of the world).

This is not entirely true. If a single TC chip vendor is compromised,
then the chips supplied by that vendor "die" but chips supplied by other
vendors remain just as "safe" as they were before.

In the eyes of the user, this is no worse than having a shipment of
motherboards all of which are bad. For example, a very large number of
motherboards shipped a few years ago from a certain vendor in Taiwan.
These boards contained counterfit capacitors, *all* of which failed in
the field and required a motherboard replacement.

Losing the keys for a particular TPM chip does not appear (to me) to
have any worse impact than that. No better, certainly, but no worse.

shap