You can only do this if you can trust the hardware. As long as any potential untrustworthy folks have access to that hardware, it cannot be done. It is possible to do the rest of this if you manage to secure the machines from any other kinds of access by disabling all services other than that particular p2p (to prevent remote access overflows from insecure applications). If you see the network problem as a multi-ended VPN, that's the next part. But I do not see any way for any member of the network to certify that any other node is running exactly the same software, unless all nodes restrict access to the hardware and have an external certification process. If anyone anywhere can grab the software - binary or source and join the network while still having hardware access, all bets are off. The only thing the other nodes can certify is that the crypto signatures are right, and that the protocol is the same. But even if you sign the binaries, you don't know that the thing at the other end has the signature it just sent you. You can try to make things complex such as pushing binaries to the other node and having them run there, but you don't know if you're inside a VMware box, or Bochs emulator, or a real machine. Even if you can certify that the application does what you think it does, you can't ceritfy that the operating system or the hardware isn't going to do anything else. End of story. Can't be done so long as anyone other than you has root on the machine, or has physical access. Hence you need to buttplug the hardware and make it difficult to modify. Even so, you don't have any idea of if that CPU really is what it says it is, or that the hardware will do what you think it will do. Hardware can be replaced or patched with things that can look like the original, or things that at some opportune moment interrupt and switch out that hardware, then get full access to all the ram. No, I couldn't afford such hardware mods. But say someone that has enough money to own a DVD pressing factory certainly can afford the R&D. In the end TCPA/Palladium will be broken. Just the USG kept pushing single DES until even a bit after the DES cracker got built. I've no problem with that, nor the fact the RIAA/MPAA want to protect their warez - if they get that oppresive, I won't be buying it, and I'm positive that others won't either... In the end, they'll just be burning a lot of money and find out that they'll go broke. Ironic? Yup. As long as it's a free market, they'll fry for pissing off their consumers. I do have a problem with having spyware forced down my machines by John Law. Intel wants to put Pd compliant chips in their mobo's, fine, I won't buy their hardware -- or if I do, I'll be sure to reflash the BIOS to a slightly different enough version without signatures to force the Pd chip to shut down... If it won't let me, their loss. There's still AMD. AMD joins intel? Fuck x86, there's still Sun, and Apple. The only way that Pd will be successful is if every hardware manufacturer is forced by law to include it. And I've no problem with MSFT making their software oppresive, they're just digging their own graves, I'll applaud as they sink in to the bog. Fuck'em. They're extinct. Long as the motherboard will let me boot whatever OS I want, long as Kongress keeps their paws out of my machine and doesn't extract a tax to pay the losers for their "losses", MSFT, Intel, MPAA, RIAA can do whatever they want. And no, I don't believe that making an open source, hardware free version of what they're trying to do will prevent Jackoff Vallenti from pushing dollars to kongress to close the PeeCee hole while sucking Bill Gates's balls simultaneously. In the end, the only guarantee you have is that the thing at the end is talking the same language as you and that anyone else can't snoop the traffic and see what's there - so long as your crypto-fu is good, and the security on both machines is decent enough to prevent them from being owned. So why bother? Just because the evil empire is running at full speed towards the precipice doesn't mean we need open source versions of the same insanity that drives'em. ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :NSA got $20Bill/year|Passwords are like underwear. You don't /|\ \|/ :and didn't stop 9-11|share them, you don't hang them on your/\|/\ <--*-->:Instead of rewarding|monitor, or under your keyboard, you \/|\/ /|\ :their failures, we |don't email them, or put them on a web \|/ + v + :should get refunds! |site, and you must change them very often. --------_sunder_@_sunder_._net_------- http://www.sunder.net ------------ On Wed, 7 Aug 2002, AARG! Anonymous wrote:
I'd like the Palladium/TCPA critics to offer an alternative proposal for achieving the following technical goal:
Allow computers separated on the internet to cooperate and share data and computations such that no one can get access to the data outside the limitations and rules imposed by the applications.
In other words, allow a distributed network application to create a "closed world" where it has control over the data and no one can get the application to "cheat". IMO this is clearly the real goal of TCPA and Palladium, in technical terms, when stripped of all the emotional rhetoric.
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com