Re: Trusted chips (was Re: Triad Systems and Ohio Recount)

From: Teresa Hommel <tahommel_at_earthlink_dot_net>
Date: Fri Dec 24 2004 - 06:36:39 CST

Please remember that elections in a democracy require that ordinary
citizens have to be
able to observe the process and observe that the ballots are legitimate
and the tallies
are derived from the ballots.

Teresa Hommel

Edward Cherlin wrote:

>On Thursday 23 December 2004 02:53 pm, charlie strauss wrote:
>> I dont know about computer forensics in any useful detail.
>>But one thing I think that will likely be a godsend to
>>electronic voting is the Next Generation Trusted Computing
>>Platform. While derided on slashdot for the way it imposes
>>DRM on your computer it's actually exactly what e-voting
>Hmm. Open Source DRM...
>>to recap the basic concepts of the NGTCP. some small very
>>trusted and easily secure part of the computer will boot. It
>>will then validate every hardware component and every signed
>>software component that is loaded. Hardware, even screens,
>>and keyboards will be designed to fit into the authentication
>>protocol, each having some unforgable signature authorized by
>>the trusted portion. I dont know how that will be done but
>>apparently this is worked out.
>>The idea is that the central trust allocation unit will be so
>>small it can be validated and kept secure. Since every
>>component from OS to drivers is signed you cant defeat the
>>system or even emulate it.
>>Again I dont know how this is done.
>>(formerly it was known as paladium, so you probably heard of
>>it) and it started as a project between Intel and Microsoft.
>>There are now motherboards out that supposedly support this
>>but I have not looked into it. And I have read there is an
>>opensource project to bring this to linux.
>I looked into all this a bit in 2000 when National Semiconductor
>announced plans for a secure microprocessor which would generate
>public-private key pairs on chip, never letting the private key
>off the chip. There were several other such initiatives.
>Assuming appropriate packaging, so that the key could not be
>read externally without destroying the circuit, it could
>provably maintain secrets pretty well and do a fair amount of
>security checking.
>Of course, access to its inputs would allow spoofing of devices
>it was supposed to be attached to, and there are other attacks.
>You have to check *all* of the details in security.
>"There is no such thing as 100% security. We of the profession
>are not accustomed to speaking in such inexactitudes."--from the
>BBC series Colditz.

OVC discuss mailing lists
Send requests to subscribe or unsubscribe to
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Fri Dec 31 23:17:19 2004

This archive was generated by hypermail 2.1.8 : Fri Dec 31 2004 - 23:17:22 CST