Re: Restricted storage

[Michal Suchanek]

On 6/6/06, Jonathan S. Shapiro <address@hidden> wrote:
> On Tue, 2006-06-06 at 17:29 +0200, Michal Suchanek wrote:
> > On 6/1/06, Jonathan S. Shapiro <address@hidden> wrote:
> > > On Thu, 2006-06-01 at 22:26 +0200, Michal Suchanek wrote:
> > > > I would say that in the other case the TC is the weak link....
> > >
> > > What empirical evidence can you offfer to support this assumption? It
> > > seems very unlikely on many grounds.
> >
> > In the end, the TC keys are still managed by an administrator. The set
> > of reliable administrators is zero (you said that :).
>
> Actually, this need not be true. It is possible (on top of TC) to
> construct a keying system in which the administrator does not manage the
> keys -- or at least: can manage them only in "opaque" form in a way that
> does not permit them to be used or inspected.

oh, so you argue that if TC is reliable it can make TC reliable?

Would  they use chips from another vendor for that, or their own chips?


> > Even if you verify some chips, there is no guarantee that they will not
> > - start producing a new revision
> > - give away keys to sign something else than the chips
>
> There is no "guarantee". However, the financial incentives *not* to do
> this are *extremely* powerful.
>
> One of the recurring problems with security schemes in general is
> incentives. In practice, they often rely on some party to preserve some
> property or secret, but in reality it is not financially in the
> interests of that party to actually preserve it. At best, people get
> lazy about such commitments. At worst, they break them explicitly.
>
> One of the things about TC that is good (from an engineering
> perspective) is that the financial incentives of the TC chip vendors
> align with the protection that the TC vendors must preserve.

I would think the same applies to CAs.

> I'm not saying "TC is good" here. I'm simply saying that this particular
> aspect of TC was engineered well and realistically.
>
> > Plus there is the problem of signing all those chips. How whould an US
> > chip maufacturer manage that? Will they have the chips signed in
> > Taiwan and China, or will they first get all the zillions of chips
> > transported to the US and sign them there?
>
> The chips are not signed, so this is not an issue.

How do you tell they are the genuine chips then?

> > Now in case of TC it either works for everybody or it fails for
> > everybody (or at least a substantial part of the world).
>
> This is not entirely true. If a single TC chip vendor is compromised,
> then the chips supplied by that vendor "die" but chips supplied by other
> vendors remain just as "safe" as they were before.
>
> In the eyes of the user, this is no worse than having a shipment of
> motherboards all of which are bad. For example, a very large number of
> motherboards shipped a few years ago from a certain vendor in Taiwan.
> These boards contained counterfit capacitors, *all* of which failed in
> the field and required a motherboard replacement.
>
> Losing the keys for a particular TPM chip does not appear (to me) to
> have any worse impact than that. No better, certainly, but no worse.

Given that there is about a half dozen chip vendors compromising one
of them would have much greater impact. Moreover, the capacitors only
stopped working, and a few boards at a time. Compromising the chips
would completetly break the security of a large number of systems at
once. Even systems that do not use the chips directly but rely
(relied) on them to attest remote parties.

Thanks

Michal