Challenge to David Wagner on TCPA
AARG! Anonymous
remailer at aarg.net
Sat Aug 3 18:30:09 PDT 2002
Mike Rosing wrote:
> On Fri, 2 Aug 2002, AARG! Anonymous wrote:
>
> > You don't have to send your data to Intel, just a master storage key.
> > This key encrypts the other keys which encrypt your data. Normally this
> > master key never leaves your TPM, but there is this optional feature
> > where it can be backed up, encrypted to the manufacturer's public key,
> > for recovery purposes. I think it is also in blinded form.
>
> In other words, the manufacturer has access to all your data because
> they have the master storage key.
>
> Why would everyone want to give one manufacturer that much power?
It's not quite that bad. I mentioned the blinding. What happens is
that before the master storage key is encrypted, it is XOR'd with a
random value, which is also output by the TPM along with the encrypted
recovery blob. You save them both, but only the encrypted blob gets
sent to the manufacturer. So when the manufacturer decrypts the data,
he doesn't learn your secrets.
The system is cumbersome, but not an obvious security leak.
More information about the cypherpunks-legacy
mailing list