Re: Computer CPU chips with built-in crypto?
From: Martin Minow <minow@apple.com>
I'm not sure if I can answer this but, at last week's SF cypherpunks meeting, an Intel engineer asked whether there might be any interest in a computer chip with some sort of encryption mechanism built into the chip. As I understand it, this chip would process an encrypted instruction stream. I.e., it could not execute a program unless the "key" for that program was first loaded into the chip.
An interesting idea: does anyone have more information?
This sounds like something which might be used in a set-top-box or "information appliance" application where pay-per-use programs would be loaded from a CDROM or network connection. People have been dreaming about pay per use software for many years. It is a similar idea to the "mini application" concept which would replace the monolithic super-apps, the Microsoft Words and the giant do-everything web-browsers/newsreaders/mail-clients, with small, single function utilities. This is part of the idea behind Apple's OpenDoc and Microsoft's OLE. In the same way, instead of buying a big program for hundreds of dollars, you'd just download and use the functionality you needed for a small fee. Yet in practice it is not clear whether either of these trends will have any market success. Monolithic applications seem to be doing very well, with more integration being the trend, not less. And the whole idea of introducing metering to a market which is used to paying just once for access is one which is bound to meet resistance. Look at AOL which is going to single-charge unlimited access to the net. So in both cases the trend looks to be going in the opposite direction. Another possible application for the built in encryption is software piracy protection. You'd unlock software for your CPU but it would not run on anybody else's without a different key code. Here again there is not much benefit to the end user, unless software prices come down dramatically when this device is used. But otherwise the computer manufacturers are selling computers which have features which will limit the powers of the buyers, and having to sell them more expensively to boot because of the special chip. In these days of razor thin profit margins in the PC business it is hard to see how this will sell. Hal
Hal Finney writes:
Another possible application for the built in encryption is software piracy protection. ... In these days of razor thin profit margins in the PC business it is hard to see how this will sell.
Let me offer a possible scenario: we're entering an era when there is much more chip real-estate than "consumer-grade" PC's can use. Adding an encryption engine to the instruction stream could be as simple as adding a series of barrel shifters between (or inside) the processor cache and the instruction decoder. (Imagine blowfish or DES -- or something as simple as RC4). If encryption is turned off, the chip would be bug-for-bug compatible with the existing PC. The vendor would put the chip into the ordinary production cycle and, in two to three years, it would be on the target audience's desktops. (Remember, it would run existing and new, non-encrypted, software without change.) Encryption would be turned on on a module-by-module basis by operating system "loader" code that would detect a "key required" cookie in the executable file (or the Open Doc file, or the Java class file). Before starting the module, the o.s. loader would lookup the cookie and load the decryption key into the chip. The customer would purchase a key by giving a magic number from the software and a magic number (processor serial number) to the vendor. This could be done automatically over the network. Now, a software vendor could provide the latest software for free from a public FTP site, and could offer a variety of decryption keys (30 day free trial, one-time-use micropayment, etc.) at a variety of prices. This could also be integrated into multiple site-license managers such as KeyServer. As with KeyServer, key management could be done "invisibly" over the Internet. Note that the chip does not offer end users any encryption or decryption capabilities -- the decrypted instruction stream cannot be directly examined by end users. On the other hand, if the encryption key generator was available to "anybody," it would be trivial to construct secret messages by generating programs that, when run, constructed the desired message. For that reason, I suspect that keys will be limited to a length that "national interests" are comfortable with. Martin Minow minow@apple.com
participants (2)
-
Hal Finney -
Martin Minow