[clug] "Trusting" a remote machine booting from a CD [SEC=UNCLASSIFIED]

Michael Cohen michael.cohen at netspeed.com.au
Mon Apr 23 01:08:45 GMT 2007


On Mon, Apr 23, 2007 at 10:39:41AM +1000, Roppola, Antti - BRS wrote:
> Impossible? Failed? http://www.thinkwiki.org/wiki/Tpm 

From the quick read I saw on the TPCM web site I found this quote from "TCPA
Misinformation Rebuttal"
http://domino.research.ibm.com/comm/research_projects.nsf/pages/gsal.TCG.html/$FILE/tcpa_rebuttal.pdf

"The early versions will be vulnerable to anyone with the tools and patience to crack
the hardware (e.g., get clear data on the bus between the CPU and the Fritz chip).
However, from phase 2, the Fritz chip will disappear inside the main processor - let’s
call it the Hexium - and things will get a lot harder. Really serious, well funded
opponents will still be able to crack it. However, it's likely to go on getting more
difficult and expensive." Two mistakes here: first, reading the bus to the TCPA chip
cannot and will not reveal a private key. Private keys are generated on the chip, and
never leave the chip unencrypted. But more importantly, TCPA was designed to
protect the users data from external attack, not from attack by the owner. Defending
against owner attack is a much harder problem in hardware tamper resistance. TCPA
chips have not been designed to resist local hardware attack, such as power analysis,
RF analysis, or timing analysis. This is one of the examples that show that TCPA
was not intended for DRM, which requires much higher levels of tamper resistance,
since you don't trust the owner. Speculating that TCPA might add greater tamper
resistance in the future is another example of pure speculation.

Which shows that it's not designed to stop the owner of a system who has
physical access. Also it seems to be an authentication system - not really
designed for execution of trusted code?

> Even the XBox360 has proven to be reasonably resilient.

That's primarily because the rewards are so low - the first Xbox was sold at a
large discount for its time, and could run linux really well because it had a
very good cpu (for its time). Xbox360 is pretty useless as anything but a games
console because it uses unusual architecture (porting linux to it would be
difficult). These days a full blown computer costs much less than the xbox so
there is no economical incentive.

> OTOH, anything that needs this sort of effort to secure will probably
> warrant a similar effort to break in.

True.

> How about a taxi meter style tamper evident case with copper wire and
> solder seals? Just be sure to cover any externally accessible interfaces
> other than the NIC & CD slot, then start thinking like Bob.

I think the original poster wanted the software to run on the owner's machine -
so no tamper proofing.

Michael.
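To make concrete what the thread means by the TPM being an "authentication system" rather than tamper proofing, here is an added illustration (not code from the list or from any TPM vendor) of measured boot and a remote attestation check: the boot stages, the keyed-MAC stand-in for a TPM quote and the shared key are all constructed assumptions for this example. The verifier can tell which software was measured into the PCR; it cannot tell whether the owner has interfered with the hardware doing the measuring.

```python
import hashlib
import hmac

# Constructed sample "boot chain" for a live CD: each stage is measured
# (hashed) into a PCR in order, TPM 1.2 style (SHA-1, 20-byte registers).
BOOT_CHAIN = [b"bootloader-image-v1", b"kernel-image-v1", b"initrd-image-v1"]

# Assumed verifier/TPM shared secret; a real TPM signs quotes with an
# attestation identity key instead of a shared MAC key.
ATTEST_KEY = b"example-attestation-key"


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """PCR extend: new = H(old || H(measurement)).

    Order matters, and a register cannot be rolled back or set directly
    without resetting the chip, which is what lets a verifier trust it."""
    return hashlib.sha1(pcr + hashlib.sha1(measurement).digest()).digest()


def measure_chain(stages) -> bytes:
    """Replay the measurements of a boot chain; PCRs start at all zeros."""
    pcr = bytes(20)
    for stage in stages:
        pcr = pcr_extend(pcr, stage)
    return pcr


def quote(pcr: bytes, nonce: bytes, key: bytes = ATTEST_KEY) -> bytes:
    """Stand-in for a TPM quote: keyed MAC over the PCR value and the
    verifier's nonce, so a captured quote cannot be replayed later."""
    return hmac.new(key, pcr + nonce, hashlib.sha1).digest()


def verify(golden: bytes, pcr: bytes, nonce: bytes, q: bytes,
           key: bytes = ATTEST_KEY) -> bool:
    """Remote verifier: the quote must be fresh (nonce) and the reported PCR
    must equal the value expected for the known-good CD image.

    This proves which software was measured; it says nothing about whether
    the owner has tampered with the board carrying the chip."""
    fresh = hmac.compare_digest(q, quote(pcr, nonce, key))
    return fresh and pcr == golden
```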
