Other uses of TCPA

[Eugen Leitl]

On Sat, 3 Aug 2002, Nomen Nescio wrote:

> I think that people are beginning to understand that TCPA is not a
> black and white issue.  It is neither the overwhelming threat that some
> activists are describing, nor the panacea that the vendors are selling.
> It is a technology with strengths and weaknesses.

No, TCPA is a technology with a potential for abuse, and there's certainly
a strong economic and political drive to abuse it. As such it is simply
not acceptable. I don't want this particular camel in my tent,
thankyouverymuch.
 
> As an exercise, try thinking of ways you could use TCPA to promote "good
> guy" applications.  What could you do in a P2P network if you could
> trust that all participants were running approved software?  And if you

Approved by whom? There's a secret embedded into the CPU and/or chipset. I
can't read it out. It was either generated within (so it can't be shared),
or the vendor put it there (and kept a copy of it), or the signed code
which is trusted by original vendor put it there. If you can read out a 
secret, and the system destroys it internal copy, you can still clone it 
into as many systems as you want, as long as it doesn't go pass through 
some Dark Tower in Mordor somewhere.

Why should I trust the vendor with any of this? I don't even trust the
vendor with what he puts into his BIOS. If I need secure encryption, I can
put crypto into a deep embedded in a USB fob, or a smartcard, or buy some
open hardware from a trusted source. If it needs high throughput, you
could package it into a PCI card (and please put the secret into a 
removable dongle).

> could prevent third parties, including hostile governments, from seeing
> the data being used by that software?  You may be surprised to find that

You don't need big brother hardware to prevent participants from accessing
the content directly. If the content is fragmented into encrypted slivers
somebody else has the key for (insert onions for extra paranoia) you have
no idea what is on your hard drive. The content only magically
materializes on a single node when you try to access it. It comes
from/passing through nodes you sure see the addresses, but these change.  
Both because the content moves or gets routed differently, and the nodes
are largely on dynamic IPs.

> if you look at it with an open mind, TCPA could be a tremendous boon to
> freedom-oriented technologies.  From file sharing to crypto protocols
> to digital cash, TCPA lets you expand the trusted computing base to

How does TCPA help you with double spending your tokens? I understand no 
reliable solutions without centralism exist. We should definitely aiming 
for something inspired by ecology (crunch being the equivalent of 
sunlight).

> the entire set of participating machines.  It's really a tremendously
> powerful technology.

I'd rather not have tremendously powerful technology standing under
somebody's else's control sitting under my desk.

> The biggest problem, ironically, is that TCPA may not be secure enough.
> It's one thing to make video piracy difficult, it's another matter to keep
> the Chinese government from prying into the sealed storage.  But with

How is the Chinese government/CoS/anybody else going to pry into a
document that is encrypted on an air-gapped machine (secret stashed away
elsewhere), and stored on a secure (a few iterations of MNet or similiar)  
P2P network? Assuming, I was nice enough to tell them the URI for it?
How is the Chinese government going to effectively prevent people 
accessing content on a steganographic P2P network? Why, with something 
very like TCPA: by outlawing all purpose computers but those running code 
approved by an authority.

> future generations of TCPA integrated onto CPUs with improved tamper
> resistance, it will be much more difficult to defeat the protections.

Are you somehow assuming you can magically protect state of structured
matter encoding a shared (with many, many copies out there) from being
read by people with basically unlimited resources?

> It may turn out that TCPA can significantly facilitate cypherpunk goals.