Dell to Add Security Chip to PCs
Shawn K. Quinn
skquinn at speakeasy.net
Thu Feb 3 21:45:01 PST 2005
On Thu, 2005-02-03 at 22:25 +0100, Anonymous wrote:
> The manufacturer issues a certificate on the public part of the EK,
> called the PUBEK. This key is then used (in a somewhat roundabout
> manner) to issue signed statements which attest to the software state
> of the machine. These attestations are what allow a remote server to
> know if you are running a client software configuration which the
> server finds acceptable, allowing the server to refuse service to you
> if it doesn't like what you're running. And this is the foundation for
> DRM.
Isn't it possible to emulate the TCPA chip in software, using one's own
RSA key, and thus signing whatever you damn well please with it instead
of whatever the chip wants to sign? So in reality, as far as remote
attestation goes, it's only as secure as the software driver used to
talk to the TCPA chip, right?
--
Shawn K. Quinn <skquinn at speakeasy.net>
More information about the cypherpunks-legacy
mailing list