L12-TCPA-PALLADIUM Datasheet, PDF (10/12 Pages) List of Unclassified Manufacturers – TCPA and Palladium
How do we do this?
• Use the PCR value to “brand” encrypted secrets with the identity of the code that “owns”
them
• Owners of secrets can also designate alternate recipients (necessary for update and Palladium
migration)
Attestation
Attestation lets a remote client know what software is running. This authentication technology is
more than “simple signing”: attestation enables authentication of a software configuration (nexus,
application, process).
• Code authenticates itself using the SSC quote function:
  – Quote(S) → Sign[S|PCR]
• This provides a protocol building block:
  – For example, in a server/peer protocol
  – The server checks the signature, checks certificates on signing key, checks nexus digest
    is as expected
  – Then, it knows the client is a “MS Nexus on Acme Trusted Platform”
• Implementation: RSA using SSC key pair
• No anonymity at this low level. Can only use the hardware key ONCE per power cycle.
To preserve anonymity, use the hardware key to create pseudo-identities to provide
indirection/anonymity while still providing platform attestation. Being able to create
pseudo-identities requires the presence of trusted third parties which do not exist at present. Microsoft
is looking into encouraging such markets.
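The quote and the server-side checks listed above, as an added example that is not part of the original notes. Unpadded RSA over constructed Mersenne-prime demo keys stands in for the SSC key pair, and the freshness check on S, the function names and all sample values are assumptions.

```python
import hashlib

E = 65537  # public exponent

def keygen(a, b):
    # Constructed demo key from Mersenne primes 2^a-1 and 2^b-1: trivially
    # factorable, used only so the example runs on the standard library.
    p, q = 2**a - 1, 2**b - 1
    return p * q, pow(E, -1, (p - 1) * (q - 1))  # (modulus n, private d)

def digest(*fields):
    # Length-prefix every field so that S | PCR parses one way only.
    h = hashlib.sha256()
    for f in fields:
        h.update(len(f).to_bytes(4, "big") + f)
    return int.from_bytes(h.digest(), "big")

def sign(d, n, *fields):
    # Unpadded RSA over a hash: a stand-in for a real signature scheme.
    return pow(digest(*fields), d, n)

def check(sig, n, *fields):
    return pow(sig, E, n) == digest(*fields)

def key_bytes(n):
    return n.to_bytes((n.bit_length() + 7) // 8, "big")

def quote(ssc_d, ssc_n, s, pcr):
    # Platform side: Quote(S) -> Sign[S | PCR] with the SSC key pair.
    return sign(ssc_d, ssc_n, s, pcr)

def verify_quote(sig, s, pcr, ssc_n, cert, ca_n, expected_pcr, challenge):
    # Server side, in the order the notes list the checks.
    if not check(sig, ssc_n, s, pcr):
        return "bad quote signature"
    if not check(cert, ca_n, key_bytes(ssc_n)):
        return "signing key not certified"
    if pcr != expected_pcr:
        return "unexpected nexus digest"
    if s != challenge:  # assumption: S is a fresh server challenge
        return "stale quote"
    return "ok"

# Constructed sample values (hypothetical manufacturer CA, SSC key, nexus digest).
CA_N, CA_D = keygen(127, 1279)
SSC_N, SSC_D = keygen(521, 607)
CERT = sign(CA_D, CA_N, key_bytes(SSC_N))
NEXUS_PCR = hashlib.sha256(b"constructed nexus image").digest()
```

Because the PCR value is inside the signed data, a client running a different nexus cannot claim the expected digest without invalidating the signature.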
8 Policy Issues
Some of the technical issues we have to solve are policy issues.
You want to have a piece of technology that you can hold up any time anyone starts to complain
about social problems. For instance, you’re worried about a child viewing pornography on the net?
Don’t make pornography illegal; make a chip that protects kids.
• So how do we build an attestable TCB (trusted computing base): open, auditable, and
comprehensible?
• Since the Palladium RSA key is unique, what steps should we take to defend against traffic
analysis and behavior?