[Free-sklyarov-uk] Microsoft unveils Palladium - BBC.co.uk article
Matthew Astley
mca-eucd at grantadesign.com
Wed, 3 Jul 2002 11:30:04 +0100
On Thu, Jun 27, 2002 at 06:20:58PM +0100, James Radley wrote:
> I still am not quite sure how this will work in its entirety. From
> some of the other articles I've read around the net, it seems the
> aim is to have a hardware based key in the processor, which then
> boots the secure OS,
There's lots of stuff out there, e.g. on the ukcrypto list. There are
links to the patents and people involved in it and similar work.
I haven't caught up on most of it yet though, so the following may be
wrong:
> Of course, reverse engineering, and spoofing of hardware chips will
> be easy. I'll just run a software emulator of the encryption chip,
> and run a virtual machine entirely in software. And since everyone
> running the emulator is running with the same key, there is only a
> need for one warez copy too. A cat /proc/kcore > myfile will quickly
> get me a memory image to reverse engineer, extract multimedia images
> from etc....
>
> Or am I wrong....
AFAICS this is a naive hangover from the days when you _could_ do
this. It's getting harder,
http://www.google.co.uk/search?q=xbox+reverse+engineer
and given the work people have done on techniques to make secure smart
cards (Ross Anderson has lots of info IIRC,
http://www.cl.cam.ac.uk/~rja14/ ) it's going to be very hard to take
the thing apart without
destroying it, and the key you want, in the process. It's quite likely
that the key will be distributed across the Fritz chip or CPU.
My analogy would be "hardware steganography". It's not really true
since if you could trace everything through at the _hardware_ level,
the key will come out.
Then, even if you do manage to breach one key, it will just get
blacklisted in whatever key infrastructure the system has. Think
blacklisted credit card number, or "I'm sorry sir. You don't seem to
exist any more, so I can't talk to you."
Matthew #8-)