On Monday, June 24, 2002, at 01:47 AM, Lucky Green wrote:
[Tim: do you recall when we had the discussion about the upcoming "encrypted op code chips" at a Cypherpunks meeting in a Stanford lecture hall? Was that 1995 or 1996? It cannot have been later; I know that I was still working for DigiCash at the time because I remember giving a talk on compact endorsement signatures at the same meeting].
Around that time. Someone (Markoff?) was reporting that Intel was devoting a few percent of its transistors in an upcoming CPU to op code encrypting. I remember pointing out that Intel had previously released, in the early 80s, a "KeyPROM," which was an EPROM with encryption so that the internal state could not easily be read. The ostensible market was for arcade game makers, who were heavy consumers of EPROMs at the time and who wanted ways to not have their games copied by competitors. (The product flopped. Left as an exercise is to think about how pointless it is to try to make a tamper-proof chip, especially without any of the expensive countermeasures being possible. Anyone who can make the chip wiggle with a logic analyzer and o-scope could learn a lot. We used our Dynamic Fault Imager to image internal microcode states, thus bypassing the crypto junk.) Back to the rumor. The supposed encrypted CPU has not yet appeared. One theory, one that I find plausible, is that Intel got freaked out by the firestorm of derision and protest that met its attempt (around the same time) to introduce processor/user ID numbers which companies like Microsoft could use. (As it turns out, there's enough readable state in a PC, with various configurations of memory, drives, etc., that Microsoft can do a crude registration system which makes it difficult for users to run a product on N different machines. The Intel ID system was anticipated to make this _much_ more robust than simply counting drives and slots and attempting to map to one such configuration...which has the headaches of requiring customers to re-register, if they are allowed to, when they swap out drives or move cards around.) Anyway, a major reason Intel got freaked is that AMD, a competitor of course, announced with much publicity that they would NOT, repeat NOT, include the processor ID feature! As an Intel shareholder of many years, I'm not happy that AMD is as strong a competitor as it is (which isn't very, to be honest). But in other obvious ways I am happy to see them out there, keeping Intel from implementing such schemes. This is the key, no pun intended. Any single vendor, like Intel, who imposes such a scheme will face harsh criticism from the rabble like us. We will write essays, we will monkeywrench their boxes with "Big Brother Inside" stickers, we will laugh at their failures, we will be energized to find hacks to defeat them. So any effort to put "DRM" into hardware will have to be a mandated, directed, antitrust-exempted procedure. (Aside: And possibly unpatented. Rambus is now getting smacked around by the courts for participating in JEDEC memory chip standards committees without disclosing their patent interests. A standard _can_ involve patents, pace Firewire and USB, but the issues get complicated. Something to keep your eye on, as a wedge for attack.) If one vendor doesn't put the DRM in, he has bragging rights a la AMD with Intel's processor ID scheme. For a DRM scheme to have any hope of succeeding, it must happen with all vendors of VCRs or PCs or whatever. And since companies are not allowed (in the U.S. and most statist countries) to meet secretly or even quasi-secretly to plan features, the DRM planning must be done either publically under a guise of "industry standards." Or exempted by the law, possibly a secret ruling (e.g., a letter from the AG exempting AMD, Intel, Nvidia, and VIA from antitrust laws for the purposes of implementing DRM). In summary: -- expect more such attempts -- use laughter, derision, and slogans to monkeywrench the public perception (I talked to a person from Intel at this year's CFP...got the confirmation that the firestorm over the chip ID scheme had scared Intel badly and that there was little support within Intel for repeating the mistake...could be why senior Intel managers have testified in Congress against mandated DRM schemes...cf. testimony of Les Vadasz, IIRC.)
--Tim May ""Guard with jealous attention the public liberty. Suspect everyone who approaches that jewel. Unfortunately, nothing will preserve it but downright force. Whenever you give up that force, you are ruined." --Patrick Henry