Challenge to David Wagner on TCPA

Trei, Peter ptrei at rsasecurity.com
Fri Aug 2 11:36:32 PDT 2002 

> AARG! Anonymous[SMTP:remailer at aarg.net] writes
	[...]
> Now, there is an optional function which does use the manufacturer's key,
> but it is intended only to be used rarely.  That is for when you need to
> transfer your sealed data from one machine to another (either because you
> have bought a new machine, or because your old one crashed).  In this
> case you go through a complicated procedure that includes encrypting
> some data to the TPME key (the TPM manufacturer's key) and sending it
> to the manufacturer, who massages the data such that it can be loaded
> into the new machine's TPM chip.
> 
> So this function does require pre-loading a manufacturer key into the
> TPM, but first, it is optional, and second, it frankly appears to be so
> cumbersome that it is questionable whether manufacturers will want to
> get involved with it.  OTOH it is apparently the only way to recover
> if your system crashes.  This may indicate that TCPA is not feasible,
> because there is too much risk of losing locked data on a machine crash,
> and the recovery procedure is too cumbersome.  That would be a valid
> basis on which to criticize TCPA, but it doesn't change the fact that
> many of the other claims which have been made about it are not correct.
[...]

While I reserve the right to respond to the rest of the poster's letter, 
I'd like to call out this snippet, which gives a very good reason
for both corporate and individual users to avoid TCPA as if it were 
weaponized anthrax (Hi NSA!).
...
OK, It's 2004, I'm an IT Admin, and I've converted my corporation 
over to TCPA/Palladium machines. My Head of Marketing has his
TCPA/Palladium desktop's hard drive jam-packed with corporate 
confidential documents he's been actively working on - sales 
projections,  product plans, pricing schemes. They're all sealed files.

His machine crashes - the MB burns out.
He wants to recover the data.

HoM: 	I want to recover my data.
Me: 	OK: We'll pull the HD, and get the data off it. 
HoM:	Good - mount it as a secondary HD in my new system.
Me:	That isn't going to work now we have TCPA and Palladium.
HoM:	Well, what do you have to do?
Me:	Oh, it's simple. We encrypt the data under Intel's TPME key, 
	and send it off to Intel. Since Intel has all the keys, they can 
	unseal all your data to plaintext, copy it, and then re-seal it for 
	your new system. It only costs $1/Mb.
HoM:	Let me get this straight - the only way to recover this data is to
let
	Intel have a copy, AND pay them for it?
Me:	Um... Yes. I think MS might be involved as well, if your were using
	Word.
HoM:	You are *so* dead.

---------------------------

Peter Trei







---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cypherpunks-legacy mailing list