Anonymous trust.

  • Authors: Wendy M. Grossman
  • Location: Scientific American, ISSN 0036-8733, Vol. 291, No. 2, 2004, pp. 20-22
  • Language: English
  • Full text not available (Learn more ...)
  • Abstract
    • Under pressure to battle incessant hacker attacks, viruses and identity theft, Microsoft in 2002 came up with a scheme dubbed Palladium, which would rely on special computer hardware that would refuse to run malicious programming code or betray users' secrets. A form of "trusted computing," the idea drew several objections -- chief among them, it would enable remote organizations to track what users do with their machines. Now a technology based on a decade-old idea promises better protected machines and transactions while removing the fear of monitoring. The strategy is called direct anonymous attestation (DAA). The plan is that computers will have a secure mode in which they will run only applications that have been authenticated by remote trusted certification authorities ("attested"); moreover, these authorities would not necessarily be able to identify them or their owners. The concept behind DAA is zero-knowledge proofs, which were explored in the early 1990s at Bell Laboratories and the University of Cambridge. For DAA to work, the secure chip, known as a trusted platform module, has a private cryptographic key embedded in it. For each group of private keys -- perhaps the set of all devices of a particular model from a single manufacturer -- there is a common public key. When a device needs to be authenticated as secure, it generates a new cryptographic key for one session and sends it as a message signed with its private key to a third party. The third party uses the message, the key signature and the known public key to verify the source as trusted. The chip itself is designed to be tamperproof. Still, vendors can revoke keys if they suspect illicit activity.

