Microsoft's recently announced R&D project, which includes chipmakers Intel and AMD as partners, aims to combine software and hardware extensions to traditional PC architecture. Palladium's goal: Move security-conscious applications out of the server room and back onto the Windows desktop, by soothing both consumer fears about privacy and corporate concerns over piracy.

	See also:
•	MS: Remedies a Bonus for Crackers
•	Gates: Complying 'Not Feasible'
•	Microsoft: Few Changes to OS
•	Gates: Leave My Windows Alone
•	Read ongoing U.S. v. Microsoft coverage
•	Read more Technology news

Earlier this week, Palladium architects from Microsoft and AMD provided Wired News with separate under-the-hood tours of the software and hardware technology plans behind Palladium's high concept pitch.

The good/bad news: As described, Palladium won't meet most of the hyperbolic claims being made for it.

At its simplest, Palladium provides a tamper-proof vault for data on the desktop. "One of the areas the PC needs to grow in is its resistance to certain kinds of attacks," said Geoffrey Strongin, platform security architect for AMD.

Those attacks include Web-based cracking and viruses, ripping CDs, modification of application programs, and sniffs of users' passwords and other personal data, according to Strongin. "The constraint on the problem is the existing PC marketplace," Strongin added. "We don't want to throw out trillions of dollars in infrastructure."

As a result, he said, Palladium was designed as an extension to current PC hardware and software, one that would allow existing software and hardware to work as usual, while enabling new applications and hardware that work with encrypted data inside the PC.

In theory, the Palladium system would be safe from any attacks short of physically opening the box and tapping into the hardware.

To support Palladium, AMD and Intel are reportedly developing new versions of the x86 chip, the platform used for Intel's Pentium and AMD's Athlon. According to Strongin, these chips support a new "Trusted" execution mode that allows cryptographically authenticated programs access to a separate memory area.

The CPU is augmented by a security coprocessor, which holds a unique pair of crypto keys. The coprocessor is a separate component not for security but for manufacturing reasons. Unlike today's CPU chips, each coprocessor must be personalized with a crypto string stored in non-volatile memory –-- more akin to a smartcard than an Athlon.

Strongin suggested smartcard makers may manufacture the coprocessors, which would then be combined with Intel or AMD CPU chips to create a Palladium-ready motherboard.

A corresponding software component, called the Trusted operating root (or just "the nub" by Microsoft engineers), would work in conjunction with the CPU and its coprocessor.

Together, the nub and coprocessor are designed to encrypt data in such a way that no other combination of nub and coprocessor would be able to decrypt it. Change a single bit of code or move the data to another computer, and it is unreadable. This is the core of Palladium, according to Strongin and Peter Biddle, a Microsoft product unit manager leading Palladium's development.

"It's like having Kerberos (cryptographic authentication) between applications, instead of between computers on the network," Biddle said. Applications on the PC would be unable to read from or write to one another's Palladium-protected data. "To the rest of the system, that part of memory is invisible -- it does not exist," Biddle said.

Microsoft plans to publish the source code for the nub, he added, because the system is secure using crypto algorithms rather than proprietary code.