I'm resending this because I never saw it appear on the cypherpunks@lne.com mailing list. Appologies if it has already been through and I just missed it. -kevin wall -----Original Message-----

From: Wall, Kevin Sent: Friday, August 02, 2002 1:27 AM To: 'ericm@lne.com '; 'cypherpunks@lne.com '; 'cryptography@wasabisystems.com '; 'ptrei@rsasecurity.com' Subject: RE: Challenge to David Wagner on TCPA

Mr AARG! writes...

Eric Murray writes:

...

Yes, the spec says that it can be turned off. At that point you can run anything that doesn't need any of the protected data or other TCPA services. But, why would a software vendor that wants the protection that TCPA provides allow his software to run without TCPA as well, abandoning those protections?

That's true; in fact if you ran it earlier under TCPA and sealed some data, you will have to run under TCPA to unseal it later. The question is whether the advantages of running under TCPA (potentially greater security) outweigh the disadvantages (greater potential for loss of data, less flexibility, etc.).

and in another reply to Peter Trei, Mr. AARG! also writes...

Now, there is an optional function which does use the manufacturer's key, but it is intended only to be used rarely. That is for when you need to transfer your sealed data from one machine to another (either because you have bought a new machine, or because your old one crashed). In this case you go through a complicated procedure that includes encrypting some data to the TPME key (the TPM manufacturer's key) and sending it to the manufacturer, who massages the data such that it can be loaded into the new machine's TPM chip.

So this function does require pre-loading a manufacturer key into the TPM, but first, it is optional, and second, it frankly appears to be so cumbersome that it is questionable whether manufacturers will want to get involved with it. OTOH it is apparently the only way to recover if your system crashes. This may indicate that TCPA is not feasible, because there is too much risk of losing locked data on a machine crash, and the recovery procedure is too cumbersome. That would be a valid basis on which to criticize TCPA, but it doesn't change the fact that many of the other claims which have been made about it are not correct.

Correct me if I'm wrong (I'm sure you all will :), but wouldn't you also have to possibly go through this exercise with the TPME key and sending your system to the manufacturer when you wanted to, say, upgrade your operating system or switch to a completely different OS? That will go over like a lead balloon. (Gee... must be getting late. I almost wrote "like a bag of dirt". Duh! Can't even remember cliches at my age.) -kevin wall P.S.- Please excuse the sh*t formating. We use Lookout! and MS Exstrange where I work. --- Kevin W. Wall Qwest Information Technology, Inc. Kevin.Wall@qwest.com Phone: 614.932.5542 "Wipe Info uses hexadecimal values to wipe files. This provides more security than wiping with decimal values." -- Norton System Works 2002 manual, pg 160