RE: Revenge of the WAVEoids: Palladium Clues May Lie In AMD Motherboard Design

2002-07-06 Thread Bill Stewart

At 10:07 PM 06/26/2002 -0700, Lucky Green wrote:
> An EMBASSY-like CPU security co-processor would have seriously blown the
> part cost design constraint on the TPM by an order of magnitude or two.

Compared to the cost of rewriting Windows to have an infrastructure
that can support real security?  Maybe, but I'm inclined to doubt it,
especially since most of the functions that an off-CPU security
co-processor can successfully perform are low enough performance that
they could be done on a PCI or PCMCIA card, without requiring motherboard 
space.
I suppose the interesting exception might be playing video,
depending on how you separate functions.

(Obviously the extent of redesign is likely to be much smaller in the
NT-derived Windows versions than the legacy Windows 3.1 derivatives that
MS keeps foisting upon consumers.  Perhaps XP Amateur is close enough to
a real operating system for the kernel to be fixable?)

> I am not asserting that security solutions that require special-purpose
> CPU functionality are not in the queue, they very much are, but not in
> the first phase. This level of functionality has been deferred to a
> second phase in which security processing functionality can be moved
> into the core CPU, since a second CPU-like part is unjustifiable from a
> cost perspective.




Revenge of the WAVEoids: Palladium Clues May Lie In AMD Motherboard Design

2002-06-27 Thread R. A. Hettinga

I figured this was probably going on, but the following article is my
first confirmation.

WAVE, some of you might remember, was started by a former NatSemi
Chairman back before the internet got popular. It was going to be a
dial-up book-entry-to-the-screen content control system with special
boards and chips patented down to its socks. Sort of like 3Com,
I'm sure. First I heard about it was, ironically, in a 1990-ish Peter
Huber article in Forbes, touted as the Next Big Thing. (Convergence,
don'tcha know...) This is the same Peter Huber who wrote the Geodesic
Network, which, along with bearer financial cryptography, is a
cornerstone of the way I look at the universe. Paradoxes abound, boys
and girls.


In the meantime, WAVE Systems stock has been listed, then de-listed,
then re-listed, and, God only knows what it is now.

I even got an offer from that Chairman and Grey Eminence of WAVE to
come speak to FC97, if we comped him, of course. As General Chair of
the conference I had to gently let him know that FC was a
peer-reviewed conference, and if his tech people wanted to send a
paper and it got accepted by the Program Committee, (a whole bunch of
top-drawer cryptographers, lawyers, and bankers), they were perfectly
welcome, and, he, like I, could sit in the audience, watch the talks,
and hit the beach in the afternoon with everyone else. Never got
anything back for some reason. :-). We even got the DivX guys
presenting papers that first (and second) year, so content control
was never an issue, though I expect that trade-secret skullduggery
certainly was.

Which makes sense. WAVE's stockholders, called WAVEoids by themselves
and others, are practically millennial in their belief that WAVE will
conquer the world and the company's failure to date is due to a giant
short-seller's conspiracy of some kind. Lots of Secret Sauce there,
somewhere...

If BillG has swallowed this stuff, hook, line, and sinker, as someone
has noted before, then, frankly, he must have access to better drugs
than most of us. It also means that he's grasping at conceptual
straws, economically, and if he persists in following this folly to
the bitter end, his dream of software-kudzu world domination will
finally choke his company once and for all.

So, be careful what you wish for, Bill. On a geodesic network, no
central node can route all the information. Like Gilmore says about
censorship on the same network, any putative top of an internet
pyramid chokes instead, and the network simply routes around it.

The paradox in all of this is that the only way that crypto to the screen
is going to work is if the screen is literally *buying* the content
shown on that screen, for cash, in a raw commodity market of some
kind. And, if *that's* really the case, there's no need for IP law in
what amounts to an information commodity market in perfect competition,
not a monopolistically competitive market requiring brands, patents,
and copyrights. Finally, such a system cannot use a
book-entry-to-the-device system, because the cheapest cash will be
done without identity at all.

In such a world, digital rights management and content control
are contradictions in terms, if not preposterous notions on their
face.

Cheers,
RAH


http://www.extremetech.com/print_article/0,3998,a=28570,00.asp

ExtremeTech


Palladium Clues May Lie In AMD Motherboard Design
June 26, 2002
By: Mark Hachman

A two-year-old whitepaper authored by AMD and encryption firm Wave Systems
may offer additional clues to the design of PCs incorporating Palladium,
Microsoft's new security initiative.

Wave, based in Lee, Mass., has partnered with Microsoft rival Sun
Microsystems, Hewlett-Packard, Verisign and RSA Data Systems, among others,
in creating the EMBASSY verification system, originally pitched as a tool
for e-commerce. In August of 2000, Wave and AMD authored a whitepaper on
how the solution could be integrated into a motherboard using AMD's Athlon
microprocessor, which a Wave executive said is now entering field trials
overseas.

"Wave and AMD are developing a Trusted Client reference platform to enable
trust and security to be delivered to the PC," the whitepaper reads. "By
integrating Wave's EMBASSY Trusted Client system into AMD's Athlon
motherboard reference design, we will deliver a template for building cost
optimized Trusted Client PCs."

The paper is authored by researchers Kevin R. Lefebvre and Bill Chang of
Wave, and Geoffrey Strongin, who is spearheading AMD's Palladium work.
Strongin said Monday that the company had begun work on a Palladium-type
solution before Microsoft approached the company. AMD and Wave announced a
partnership in March 2000.

Wave's board of directors includes George Gilder and Nolan Bushnell, the
founder of Atari.

The whitepaper, 

RE: Revenge of the WAVEoids: Palladium Clues May Lie In AMD Motherboard Design

2002-06-27 Thread Lucky Green

Bob wrote quoting Mark Hachman:
> The whitepaper can not be considered a roadmap to the design
> of a Palladium-enabled PC, although it is one practical
> solution. The whitepaper was written at around the time the
> Trusted Computing Platform Association
> (TCPA) was formed in the fall of 2000; both Wave and AMD
> belong to the TCPA. And, while Palladium uses some form of
> CPU-level processing of security algorithms, the AMD-Wave
> whitepaper's example seems wholly tied to an off-chip
> security processor, the EMBASSY.

An EMBASSY-like CPU security co-processor would have seriously blown the
part cost design constraint on the TPM by an order of magnitude or two.
I am not asserting that security solutions that require special-purpose
CPU functionality are not in the queue, they very much are, but not in
the first phase. This level of functionality has been deferred to a
second phase in which security processing functionality can be moved
into the core CPU, since a second CPU-like part is unjustifiable from a
cost perspective.

Given the length of CPU design cycles and the massive cost of
architecting new functionality into a processor as complex as a modern
CPU, we may or may not see this functionality shipping. Much depends on
how well phase 1 of the TCPA effort fares.

--Lucky




Re: Revenge of the WAVEoids: Palladium Clues May Lie In AMD Motherboard Design

2002-06-27 Thread Peter Gutmann

R. A. Hettinga [EMAIL PROTECTED] writes:

> WAVE, some of you might remember, was started by a former NatSemi Chairman
> back before the internet got popular. It was going to be a dial-up book-entry-
> to-the-screen content control system with special boards and chips patented
> down to its socks.

Think of it as DIVX for PCs, with a similar chance of success (see my earlier
post about TCPA being a dumping ground for failed crypto hardware initiatives
from various vendors).  Its only real contribution is that the WAVEoid board on
Ragingbull (alongside the Rambus one) is occasionally amusing to read, mostly
because it shows that the dot-com sharemarket situation would be better
investigated by the DEA than the FTC.

Peter.