Researchers Looking at Alternatives to Palladium

An anonymous reader writes "Some folks at Stanford have been looking at an alternative architecture for doing trusted computing (ala Palladium) based on using Virtual Machines. They presented a brief paper describing their work a couple weeks ago at the USENIX Workshop on Hot Topics in Operating Systems . In their paper they also discuss a bunch of non-DRM applications of Trusted Computing such as distributed firewalls, improving P2P security, preventing DDOS, and even strengthening civil liberty protections."

There is no theft

"DRM prevents you dirty hippies from stealing copyrighted material"

Knock off the word abuse. There is no theft involved in duplication.

"Some of us have to make a living, you know"

Re:Palladium,DRM = no trust or rights

[.com+b4+.storm]

How can DRM "protect rights" when it denies basic rights of fair use?

Ah, but there's the rub. It's not about protecting YOUR rights, it's about protecting the rights of the big corporations. Well not so much their rights as the "rights" they want - i.e. control over your computer and everything you use it for.

Re:Why a VM ?

Palladium and TCPA are essentially identical, at least when it comes to DRM applications. Both are basically PGP on steroids, and without that second key the media is worthless. Palladium is a superset of features, though, that includes memory curtaining, where blocks of memory are also encrypted and only available to specific programs. Without that seperation between trusted and non-trusted can't really exist anyway.

Re:Faking out Palladium?

[asdfghjklqwertyuiop]

it doesn't really matter how hard it is, so long as one single person can crack it.

Every palladium-disabled machine out there will have a different key. Getting the key out of one won't help you get the key out of another.

Really, I can't say I've read too much about how it works, but likely it'll have MS/Intel's _public_ key stored so that it can check the certificates of code that you try to run to make sure that it's trusted.

Yeah, they will have those public keys in there, but every machine will also have a private key of its own embedded in hardware. That's how palladium aims to prevent you from copying your data from one computer to another. The "protected" data will be encrypted based on a key that is unique to you, making the encrypted data useless to anyone else.

Re:Faking out Palladium?

Moreso, would it be possible to fake out Palladium-dependent software by running it in an emulator that simulates the undelying Palladium subsystem?

Yes. Unfortunately, you won't be able to make such a simulator. The simulator requires a private key which is embedded in the hardware. This is where TCPA comes in*.

Palladium is encrypted using a public key. To decrypt it, you need the private key. The private key is embedded in a tamper-resistant chip (called the trusted platform module. If you try to inspect the chip, it effectively self-destructs). When the machine powers up, it authenticates the BIOS. The BIOS authenticates the boot loader and the kernel. If any of these fail to authenticate, TCPA will refuse to authenticate anything else. Finally, TCPA decrypts the kernel and starts it up.

The kernel authenticates the drivers it uses, and the software it starts up. Not everything has to be authenticated, just stuff that DRM'd software depends on. When you open a DRM'd program, either Palladium decrypts it with a private key, or Palladium sends it to the trusted platform module to decrypt.

As long as Palladium doesn't have any security holes, you will have two options to compromise it. You could somehow acquire the private keys, or you could somehow compromise the hardware (processor, memory, video card, etc).

--------

*Kuro5hin has a good technical analysis of TCPA.