Hi!

I've go a laptop with a TPM (Fritz chip?) on it, running both windows XP and Linux. My question is rather simple but I couldn't find the answer:

Knowing that:

The TMP is tamper-proof but with limited storage
Is NOT a cryptographic accelerator (meaning it's SLOW and cheap)
Cannot load custom code (as far as I know)


With this things on mind, How does the TMP prevent us from retrieving (ie AACS decryption keys) plaintext data from memory?

Those key MUST be loded on a process able to sustain HIGH data rates (the TPM cannot do that) so, they must be used, and temporally stored on the main memory.

The keys MUST be loaded somehow into the tpm, again if ecc-encrypted they must be encrypted somehow in either main memory or sending them as plaintext to the TPM.

Aswell someone may force the upload of keys to the TPM by simply erasing it from Bios setup having another oportunity to capture the key.

And as a final comment, the TPM could be emulated in software modifying virtualizing programs like XEN or Qemu

As a test, I've used the tpm to store the keys needed to decrypt a Loop-AES encrypted disk, The tpm stores the key of the IV's File so, the key is retrieved (and loaded in main memory), the IV's file is decrypted and the disk is then mounted.

I don't know the details of the Fritz chip, but the current (P4) generation of smartcards is working very well to protect DirecTV broadcast content. Maybe the Fritz chip can work in a similar manner.

On a HDTV receiver where you don't have acces to most of the system it 'might' prevent that. What I mean is that It's impossible to use keys outside the main memory and, having acces to the system and being able to modify it must make any TPM-based DRM more useless.

Another thong is the remote atestation (How the hell it works?) (who said I do trust in someone?), have a look at the wikipedia page about it Link! (http://en.wikipedia.org/wiki/Trusted_Platform_Module)

In DirecTV the keys change very quickly (about every 8 seconds). Maybe a variant of such a scheme could make it impractical to look for keys in memory. I'm just free associating here. :)

In DirecTV the keys change very quickly (about every 8 seconds). Maybe a variant of such a scheme could make it impractical to look for keys in memory. I'm just free associating here. :)

thats what I was just thinking as well

just like kereberos, the encryption might be poor, but the change rate makes it workable

Maybe that's the point, changing keys that make impractical an attack based on memory keys.

A quote from wikipedia about the remote attestation

Remote attestation is usually combined with public-key encryption so that the information sent can only be read by the programs that presented and requested the attestation, and not by an eavesdropper, such as the computer owner.Wow! how trusted it is!