Interesting. It could be that the chip-architect article is mistaken, but it was right about Yamhill, and also mentions an Intel patent that involves an on-chip crypto engine. (I think it means #6542981 [PDF], not the one referenced.) Alternatively, Intel could be lying, or just have changed plans since 2003.
But the two aren't really incompatible. The circuitry that the monograph points to is allegedly part of La Grande, Intel's proprietary version of Trusted Computing, not a TCG-compliant TPM. That’s even worse in a way, as it would mean software that only runs on an Intel CPU (and an Intel chipset: La Grande will also require a TPM and AMT, a proprietary technology in Intel network cards).
On-CPU crypto might also have something to do with trusted components. The TCG's long-term plan is to have some form of hardware signing/encryption in everything, not just a single chip in every PC. Most of the focus so far is on graphics/sound cards (for DRM) and keyboards/mice (to stop hardware sniffers), though.
I was aware that the TCPA predates the official announcements about Palladium, etc., but I thought that meant technical work. It's disturbing that the White House and the BSA were involved so far back, and that they chose the immediate aftermath of 9/11 to talk about it publicly.
Richard Clarke's speech about mandatory TNC is here. (PDF file, and Google doesn't have an HTML version.) I think the date (2001) might be wrong, as that was before the official announcement of TCPA and Palladium.
There were also some leaked memos that went into more detail. I don't know if they're still on the Web anywhere, but this story from The Register describes them.
There are no TPM/TNC-based authentication systems available yet, but plenty of companies sell software-only versions. (These can be spoofed, of course.) The most well-known is Cisco's Network Admission Control ("the self-defending network"). They're intended mostly for LANs, but some vendors are already suggesting that they be used by ISPs (especially in Wi-Fi hotspots).
I'd be extremely interested in seeing the Pentium with an onboard TPM, as this is something Intel has denied. (They sell motherboards with third-party TPM chips, but claim not to be integrating it with the CPU itself.)