- Sep 29, 2000
Okay, first of all, this is NOT Palladium but MY idea of what Trusted computing would be like if it were ever implemented. I'm looking for people to shoot holes or add suggestions to my plan. Okay.
1. We will assume that we can manufacture a technology that can generate a unique key and a method of encrypting/decrypting inside a Hardware "black box". That is, it would be impractical for anybody to ever try and access the key. The black box provides no means for ever transmitting the key, it only takes in an input and outputs the encrypted stream.
2. We will use an encryption system that is based on the Public key/Private key model which allows both keys to both encode and decode. The private key can only decode data encoded by the public key and vice versa.
3. The private key will be hard coded into the black box and cannot be modified. The public key is stored in some central repository.
4. We want the trusted computer system to do two things. 1) Guarantee that the data you have received is from X and 2) Guarantee that the data you are about to send can only be seen by Y.
Now, if a person wants to send the end of year financial statement to their Boss, they would first encrypt the data with their private key and then encrypt it again with their boss's public key. After it has been encrypted, he can send it down the wire with a plain text header detailing the sender and the receiver. The boss then receives the encrypted version and decrypts it with his private key and then decrypts it again with the employee's public key.
If a music company wants to sell you a record which can only be played on your computer, they would send you a version of their song encrypted with your public key so that only the computer you are on can decrypt it.
To request a key off the central server, you would first send your request encrypted with both your private key and their public key (it is assumed that you can verify the integrity of a key server's public key) and then they would send back the request encrypted with their private key and your public key. Each computer would have its public key registered by the key server as it was produced. There would be a system set up for reporting theft like they use for credit card theft.
Now, some potential problems.
1. The system does nothing to stop people from monitoring WHO you're talking to.
2. If the "black box" were built onto the motherboard/CPU, every upgrade would make your old material obsolete; if it were something portable like a plug you could put on your ethernet cable, it would be trivial to circumvent the DRM measures.
3. The system is set up so that NOBODY would ever know your private key. This means that you can't ever have all your equipment built on the same private key.
I hope I've made this clear enough. Any thoughts?
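The employee-to-boss exchange described in the post, worked through as an added example that is not part of the original post. It assumes textbook RSA with no padding and toy Mersenne-prime moduli (not secure), and the names `BlackBox`, `send`, `receive` and `directory` are hypothetical. Placing the sender and receiver names inside the signed data, so the receiver can check them against the plain text header, is an addition to the scheme as posted.

```python
# Toy model of the post's scheme: textbook RSA, no padding, Mersenne-prime
# moduli picked so it runs on the standard library alone. Not secure.
E = 65537

class BlackBox:
    """Holds the private exponent; callers only get the private-key operation."""
    def __init__(self, p, q):
        self.n = p * q
        self.__d = pow(E, -1, (p - 1) * (q - 1))  # never handed out
    def public(self):
        return (E, self.n)
    def private_op(self, x):
        if not 0 <= x < self.n:
            raise ValueError("input does not fit under this box's modulus")
        return pow(x, self.__d, self.n)

def public_op(pub, x):
    e, n = pub
    if not 0 <= x < n:
        raise ValueError("input does not fit under that key's modulus")
    return pow(x, e, n)

def send(box, sender, receiver, receiver_pub, data):
    # Assumption added here: the names also go inside the signed data.
    body = f"{sender}>{receiver}|".encode() + data
    signed = box.private_op(int.from_bytes(body, "big"))  # own private key
    return {"from": sender, "to": receiver,                # plain text header
            "blob": public_op(receiver_pub, signed)}       # receiver's public key

def receive(box, me, directory, msg):
    signed = box.private_op(msg["blob"])                   # own private key
    m = public_op(directory[msg["from"]], signed)          # sender's public key
    body = m.to_bytes((m.bit_length() + 7) // 8, "big")
    prefix = f"{msg['from']}>{me}|".encode()
    if not body.startswith(prefix):
        raise ValueError("signed names do not match the plain text header")
    return body[len(prefix):]

def demo():
    employee = BlackBox(2**521 - 1, 2**607 - 1)            # constructed toy keys
    boss = BlackBox(2**1279 - 1, 2**2203 - 1)
    directory = {"employee": employee.public(), "boss": boss.public()}
    msg = send(employee, "employee", "boss", directory["boss"], b"FY statement")
    return employee, boss, directory, msg

if __name__ == "__main__":
    employee, boss, directory, msg = demo()
    print(receive(boss, "boss", directory, msg))
```

With these keys a reply from the boss to the employee raises `ValueError`, because the output of the boss's private-key step is larger than the employee's modulus; applying both keys directly to the data only works when the sender's modulus is the smaller one.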