Re: TPM unusable for DRM

From: Anton Tagunov
Subject: Re: TPM unusable for DRM
Date: Wed, 15 Nov 2006 01:07:09 +0300
User-agent: Thunderbird (Windows/20061025)


Emmanuel> So my first question is: how does the local software have
Emmanuel> to proceed, in order to check that the endorsement key
Emmanuel> he got from the kernel was really provided by the TPM?
Emmanuel> My other question is: how does the software know
Emmanuel> that this endorsement key is acceptable?

Anton> Do you think it could go like this:
Anton> Imagine company FCK sells DRM protected video.
Anton> To use their video you've got to pass through
Anton> 'attest your computer' online procedure.
Anton> During this procedure you give FCK the following
Anton> data provided by your TPM
Anton> * public part of your TPM's current AIK (attestation key)
Anton> * your TPM's PUBEK (public part of its endorsement key)
Anton> * current collection of PCR registers
Anton> * signature signing the above with PRIVEK (private part of EK)

Emmanuel> And who is going to collect all these nice data on the local computer?
Emmanuel> :-)

Please note: the info is signed with PRIVEK.
Only TPM knows PRIVEK.
Only TPM can provide the info+signature FCK shall like
(naturally it shall verify the signature with pubek, and if pubek has been faked or not)
And TPM does not accept external AIK.
It generates AIK internally.
So only TPM knows private part of AIK.

Anton> FCK verifies that your PUBEK and PCR-s are valid and sends you
Anton> Golden Key To Decrypt Their Video = GK.

Anton> GK is bound to your PCR values and is encrypted with
Anton> public part of your TPM's current AIK.

Emmanuel> I suppose FCK is able to check the validity of PUBEK... But, in your
Emmanuel> scenario, one just needs to fake the AIK to defeat the security.

As I've said we can't fake AIK.
We need pubAIK signed by TPM by privek.
TPM shall only sign AIK generated by itself.

Emmanuel> Well, in this scenario, you could also simply write a software for
Emmanuel> SecureOS which makes exactly the same thing that the original one,
Emmanuel> except that, instead of using GK to simply read the video, he also 
Emmanuel> it to a computer running UnSecureOS...

TPM shall not let software use GK unless PCR-s match.
If PCR-s match it's not your software, it's FCK's.

Maybe the scheme does not work exactly like this,
but there's no protection against PRIVEK locked inside TPM
+ external PUBEK records FCK shall verify your PUBEK against.

We need to protest against DRM.
We need to support free software.
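
The vendor-side checks described in this message, as an added example that is not part of the original e-mail: a Python model of the scheme as outlined above (pubAIK, PUBEK and PCRs signed with PRIVEK, PUBEK looked up in external records), not the real TPM command interface. `ToyTPM`, `verify_quote`, `substituted_aik`, the textbook RSA on known Mersenne primes and the PCR strings are constructed assumptions; delivery of GK is not modelled.

```python
import hashlib

E = 65537  # public exponent shared by the toy keys

def toy_keypair(p, q):
    """Textbook RSA from two known Mersenne primes: constructed, not secure."""
    return (p * q, E), pow(E, -1, (p - 1) * (q - 1))

def digest(pub_aik, pubek, pcrs):
    """Hash the signed items from the message: pubAIK, PUBEK, PCR values."""
    h = hashlib.sha256()
    for part in (repr(pub_aik), repr(pubek), *pcrs):
        h.update(hashlib.sha256(part.encode()).digest())  # fixed-size fields
    return int.from_bytes(h.digest(), "big")

class ToyTPM:
    """Stand-in for the chip: private key halves never leave this object."""
    def __init__(self):
        self.pubek, self._privek = toy_keypair(2**521 - 1, 2**607 - 1)
        self.pub_aik, self._priv_aik = toy_keypair(2**127 - 1, 2**89 - 1)  # AIK made inside

    def quote(self, pcrs):
        """Sign pubAIK + PUBEK + PCRs with PRIVEK, as the message describes."""
        sig = pow(digest(self.pub_aik, self.pubek, pcrs), self._privek, self.pubek[0])
        return {"pub_aik": self.pub_aik, "pubek": self.pubek, "pcrs": pcrs, "sig": sig}

def verify_quote(q, known_pubeks, expected_pcrs):
    """Vendor-side checks; returns "ok" or the reason for rejection."""
    if q["pubek"] not in known_pubeks:        # external PUBEK records
        return "unknown PUBEK"
    n, e = q["pubek"]
    if pow(q["sig"], e, n) != digest(q["pub_aik"], q["pubek"], q["pcrs"]):
        return "bad signature"                # data not signed by this PRIVEK
    if q["pcrs"] != expected_pcrs:            # software state is not the approved one
        return "PCR mismatch"
    return "ok"

GOOD_PCRS = ["a" * 40, "b" * 40]              # constructed PCR values
tpm = ToyTPM()
RECORDS = {tpm.pubek}                         # constructed manufacturer record

def substituted_aik(quote):
    """Same quote with a software-generated AIK swapped in, signature unchanged."""
    fake_pub, _ = toy_keypair(2**107 - 1, 2**61 - 1)
    return {**quote, "pub_aik": fake_pub}

if __name__ == "__main__":
    for q in (tpm.quote(GOOD_PCRS), substituted_aik(tpm.quote(GOOD_PCRS))):
        print(verify_quote(q, RECORDS, GOOD_PCRS))
```
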

