"trust me" pseudonyms in TCPA (Re: Other uses of TCPA)

Adam Back adam at cypherspace.org
Sun Aug 4 22:48:01 PDT 2002


I haven't read the TCPA detailed spec yet (next on TCPA/Palladium list
of reading material), but this bit I can infer I think:

> :Mike Rosing wrote:
> :> Who owns PRIVEK?  Who controls PRIVEK?  That's who owns TCPA.
> :
> :PRIVEK, the TPM's private key, is generated on-chip.  It never leaves
> :the chip.  No one ever learns its value.  Given this fact, who would
> :you say owns and controls it?
> 
> OK, so why can't any joe hacker create their own PRIVEK?  _nobody_ knows
> its value?  Then how can anyone know if a chip is "real" or "imitation"?
> What happens when the motherboard dies again?  PRIVEK was copied out of
> the chip to some "fob" right?  I thought you said the manufacturer put
> the keys in at the factory.

The corresponding public key is certified by the secure hardware
manufacturer, I think.

Then they have this privacy CA which accepts requests signed by the
platform's signature key, and gives in return a certified pseudonym of
the user's choice.  They claim this gives privacy, which it only does
if you trusted the "privacy CA" -- the privacy CA can link all of your
anonymous and pseudonymous credentials.  (Anonymous may want to
straighten out the different key names -- I think there are some
encryption, some signature, some sealing keys derived from other
secret keys and the checksum of the application and OS / firmware
etc.)

Brands' digital credentials could be used to fix this sub-problem I
think.

They put in the privacy CA thing as a defense against the PR problems
Intel had with the Pentium serial number.  The FAQs at
www.trustedpc.org talk about this, arguing how this is better than
the Pentium serial number at avoiding linkability.

The documentation problem I find is there isn't much documentation
available which is technical except for the 330 page spec which drops
right down to implementation details in RFC standards style.

Adam
--
http://www.cypherspace.org/adam/
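
Added example (not part of the original post, and not the TCPA protocol itself): a toy model of the privacy CA arrangement described in the message, showing that credentials share nothing a verifier could link on, while the CA's own issuance records tie every pseudonym back to one platform key. Keys are constructed random byte strings, the HMAC tag is only a stand-in for a CA signature, and all class and function names are assumptions.

```python
import hashlib
import hmac
import secrets
from collections import defaultdict


def fp(key: bytes) -> str:
    """Short fingerprint of a (constructed) public key."""
    return hashlib.sha256(key).hexdigest()[:16]


class ToyPrivacyCA:
    """Hypothetical model: certifies pseudonyms for manufacturer-certified platforms."""

    def __init__(self, certified_platform_keys):
        self._ca_key = secrets.token_bytes(32)  # stand-in for the CA signing key
        self._known = {fp(k) for k in certified_platform_keys}
        self._log = []  # (platform fingerprint, pseudonym fingerprint)

    def issue(self, platform_key: bytes, pseudonym_key: bytes) -> dict:
        # The request arrives bound to the platform key, so the CA sees both.
        if fp(platform_key) not in self._known:
            raise PermissionError("platform key not certified by a manufacturer")
        self._log.append((fp(platform_key), fp(pseudonym_key)))
        tag = hmac.new(self._ca_key, pseudonym_key, hashlib.sha256).hexdigest()
        # The credential handed back names only the pseudonym.
        return {"pseudonym": fp(pseudonym_key), "ca_tag": tag}

    def pseudonyms_by_platform(self) -> dict:
        """What the CA (or anyone holding its records) can reconstruct."""
        groups = defaultdict(set)
        for platform, pseudonym in self._log:
            groups[platform].add(pseudonym)
        return dict(groups)


def verifier_can_link(cred_a: dict, cred_b: dict) -> bool:
    """A verifier sees only credentials; they link only if a field value repeats."""
    return bool(set(cred_a.values()) & set(cred_b.values()))


def demo():
    alice_platform, bob_platform = secrets.token_bytes(32), secrets.token_bytes(32)
    ca = ToyPrivacyCA([alice_platform, bob_platform])
    creds = [ca.issue(alice_platform, secrets.token_bytes(32)) for _ in range(3)]
    creds.append(ca.issue(bob_platform, secrets.token_bytes(32)))
    pairs = [(a, b) for i, a in enumerate(creds) for b in creds[i + 1:]]
    linked = any(verifier_can_link(a, b) for a, b in pairs)
    return linked, ca.pseudonyms_by_platform(), fp(alice_platform), creds
```

Calling demo() returns False for verifier-side linking, alongside a CA-side grouping that places all three of the first platform's pseudonyms under one fingerprint.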




