On Sat, 31 Jan 2009, Peter Gutmann wrote:
> Even with the best intentions in the world, the only thing you
> can really usefully do with a TPM is DRM.

If there were a direct link from the TPM to the display and speakers and all the content rendering were done by the TPM itself, then the TPM would be useful for DRM. An attempt to render content "securely" on the CPU is based on a theory that the content owner can trust a general-purpose OS after "secure boot". Experience shows that this theory is wishful thinking.

Apparently, the only existing application of TPM is BitLocker: it allows booting the OS from an encrypted disk without entering any password. A careful analysis shows that the TPM is a separate chip that can be powered down without resetting the CPU, and thus one can load a "non-trusted OS", reset the TPM, start "secure boot", and get the encryption keys. Even when (if) the TPM is the same chip as the CPU, I suspect a man-in-the-middle attack on CPU-to-RAM communication will allow taking over the "trusted OS".

On the other hand, once we forget about all attestation and secure boot applications, the TPM is still a smartcard soldered to your computer, so probably it can allow all the smartcard use-cases (except, of course, the use-cases that require storing the smartcard separately from the computer :-).

--
Regards,
ASK
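
A toy model of the TPM-reset scenario described in the message above, added here as an illustration and not part of the original post. The class, function names and sample measurements are assumptions, and sealing is reduced to a PCR comparison. It shows that a PCR records only the digests sent to the chip since its last reset, which is why the TPM's reset must not be separable from the CPU's.

```python
import hashlib

PCR_SIZE = 20  # TPM 1.2 PCRs hold one SHA-1 digest


class ToyTPM:
    """Toy model of one PCR plus sealing (hypothetical, not a real TPM API)."""

    def __init__(self):
        self.pcr = bytes(PCR_SIZE)
        self._sealed = []  # list of (required PCR value, secret)

    def reset(self):
        # Reset line of the chip: the PCR returns to zeros, sealed data persists.
        self.pcr = bytes(PCR_SIZE)

    def extend(self, digest):
        # PCR_new = SHA1(PCR_old || digest); the chip never sees the code itself.
        self.pcr = hashlib.sha1(self.pcr + digest).digest()

    def seal(self, secret):
        self._sealed.append((self.pcr, secret))
        return len(self._sealed) - 1

    def unseal(self, handle):
        required, secret = self._sealed[handle]
        if self.pcr != required:
            raise PermissionError("PCR does not match the sealed state")
        return secret


def send_measurements(tpm, stages):
    # Whatever software is running computes the digests and sends them.
    for stage in stages:
        tpm.extend(hashlib.sha1(stage).digest())


# Constructed sample data standing in for boot-stage images.
TRUSTED_CHAIN = [b"bios-image", b"loader-image", b"trusted-kernel-image"]
OTHER_CHAIN = [b"bios-image", b"loader-image", b"other-kernel-image"]


def demo():
    tpm = ToyTPM()
    send_measurements(tpm, TRUSTED_CHAIN)
    handle = tpm.seal(b"disk-key")
    # Case 1: full platform reset, different software is honestly measured.
    tpm.reset()
    send_measurements(tpm, OTHER_CHAIN)
    try:
        tpm.unseal(handle)
        blocked = False
    except PermissionError:
        blocked = True
    # Case 2: only the TPM is reset; the still-running software sends the
    # trusted chain's digests, and the PCR cannot tell the difference.
    tpm.reset()
    send_measurements(tpm, TRUSTED_CHAIN)
    return blocked, tpm.unseal(handle)
```
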