|
-
How does Trusted Platform Module work?
I am desperately trying to find some details on how a TPM works, and what it does. I'm sure it's out there, but there is just so much extremely high-level marketing/fud telling me it's some magical chip that does x, y, and z, and how this is a revolution/end of the world. I can't understand how, for instance, it would be able to do anything about DRM. Once you decrypt it, couldn't you just save it? How does Sony know you aren't using a homespun OS?
-
Mako Shark
In a nutshell trusted platform module is a hardware chip on the motherboard integrated in to the chipset that provide a summary of your system.
Vista i believe uses this in its bitlocker encryption so if you data was obtained and copied it would be worthless being used by different hardware although as a non vista user im not entirely sure of the specifications of vista's application.
Some people like the music industry say it will be the next step from DRM. Basically if music was purchased and used on one system, then illegally copied to another it wouldnt play as the trusted platform would see a complete hardware change and cryptography key change.
Then there is an arguement that major manufactuers (like IBM) and software developers (like microsoft) could impose restrictions on what hardware, devices or indeed software is used with the system (like the "this is not digitally signed by") and instead of asking you what to do refuse to install it. Fears are this could destroy competition in the market place for software and the IT market in general. Not only that but its a mass invasion of your privacy, sure it has legitimate applications but its pratically trying to force feed you as well.
Alot of laptops from 2006/2007 will have this integrated. From 2008 intel plan to introduce it in to their chipsets and by 2012 it is thought that it may be widespread across most laptops and desktops.
Compaq A910em: T2330 dual core 1.6Ghz, X3100 384MB GPU, 160GB sata HDD, 2GB RAM
Gaming rig: Asus Striker II, Coolermaster GX 750w, E4600 @ 2.4Ghz, 2.5GB RAM, Zerotherm FZ 120, 9500GT 1GB
Server: Mac mini running W23k Server - 1.8Ghz dual-core, 1GB RAM, 1x80GB, 2x500GB externals + LTO1 tape backup
An important petition, regarding your human rights:
https://www.change.org/en-GB/petitio...r-both-genders
-
OK. The problem I have with this explanation is the first sentence, "in a nutshell." I'm looking for details, not the summary. 
But from what you've said it sounds like to me is that it is a feature of a mainstream OS, and that all the "negative" or "limiting" impacts of it (such as DRM) can be avoided by illegally modifying your software (such as Windows). Would this be correct? I don't see anything that would prevent this.
There is only one feature I have found that seems to be cryptographically proven. And that is the protocol that lets you prove to a third party that you posess a TPM chip. I've seen the list of "features" of the chip, but that's the only feature I can find any proof for.
-
The chip is essentially an encryption co-processor with protected memory for storing code and keys. The keys can be generated by input from anything that is TPM aware. That includes hardware such as biometric devices and software such as bitlocker. I use TPM with WinXP Pro and Vista.
-
Mako Shark
Have you tried this link yet? Its trusted computings actual site and you can download papers with details about it like design specifications and archietectual overviews rather than essentially or in a nutshell.
https://www.trustedcomputinggroup.org/groups/tpm/
Compaq A910em: T2330 dual core 1.6Ghz, X3100 384MB GPU, 160GB sata HDD, 2GB RAM
Gaming rig: Asus Striker II, Coolermaster GX 750w, E4600 @ 2.4Ghz, 2.5GB RAM, Zerotherm FZ 120, 9500GT 1GB
Server: Mac mini running W23k Server - 1.8Ghz dual-core, 1GB RAM, 1x80GB, 2x500GB externals + LTO1 tape backup
An important petition, regarding your human rights:
https://www.change.org/en-GB/petitio...r-both-genders
-
Yeah, that might be what I will have to do in the end. I know that will take me at least a week to get through though. And then I still won't be satisfied that my own conclusions are correct.  I just wish there were an article out there that gave something like this:
1. DRM
TPM does not have anything to do with this. The closest it can get is for software to do a, b, c. But this is not theoretically secure, and will be unsuccessful if it is tried.
2. Boot sector viruses
TPM can stop this. Here is the boot process with TPM: a, b, c, d, ...
3. Mutual Authentication
TPM comes with a signed certificate to allow for universal machine authentication.
So I'm not really looking for spec-level stuff, but a thorough article, including responding to what I'm sure is misinformation about the product. Like #3, I'm pretty sure that's true, but if it is, it would only take one sentence to explain it to me. I'm just looking for an article that is readable to, and satisfies the questions of, someone familiar with cryptography.
EDIT: Just found a pretty good article on it actually. Not quite what I was looking for, but now I at least see the theory behind the thing. https://www.trustedcomputinggroup.or...es/rc23363.pdf
Heh, that's pretty funny. So basically, you get a certificate to hand over to Sony that lets them prove you're running the latest version of Windows, and then Windows agrees to destroy the key after the song is done playing.  Nice idea.
Last edited by Strogian; 03-28-2007 at 08:59 PM.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
