The paper is authored by researchers Kevin R. Lefebvre and Bill Chang of Wave, and Geoffrey Strongin, who is spearheading AMD's Palladium work. Strongin said Monday that the company had begun work on a Palladium-type solution before Microsoft approached the company. AMD and Wave announced a partnership in March 2000.
Wave's board of directors includes George Gilder and Nolan Bushnell, the founder of Atari.
The whitepaper, forwarded to ExtremeTech by reader and consultant Andreas W. Kuhn, contains many similarities to Palladium's potential feature set: the ability to sell multimedia content by the chapter or track, the possible ability to block spam by accurately verifying the sender and recipient of a message; increased privacy, and serving as a trusted client. However, the AMD-Wave whitepaper also postulates the need for multiple protection schemes, something that Microsoft's limited public statements have not addressed.
"Furthermore, support needs to be provided for multiple protection schemes, since there will clearly be several schemes available and content creators will demand the flexibility to define their own protection requirements," the whitepaper says.
In an interview Tuesday morning, John Callahan, vice-president of marketing for Wave, said Wave had spent over $120 million developing the EMBASSY system, only to see Microsoft's Palladium system receive all the attention. "It's tremendously ironic," he said.
The whitepaper can not be considered a roadmap to the design of a Palladium-enabled PC, although it is one practical solution. The whitepaper was written at around the time the Trusted Computing Platform Association (TCPA) was formed in the fall of 2000; both Wave and AMD belong to the TCPA. And, while Palladium uses some form of CPU-level processing of security algorithms, the AMD-Wave whitepaper's example seems wholly tied to an off-chip security processor, the EMBASSY.
"It closely tracks with what's been enunciated (by Microsoft)," Callahan said. "It's a hardened solution with a software OS… As most people in the industry know, most people said software alone would do the job. We've had to put up with a lot of slings and arrows."
Wave's EMBedded Application Security System (EMBASSY) is actually an embedded microprocessor of undisclosed complexity, which contains secure non-volatile memory, secure I/O, a secure real-time clock, and operating system. Wave currently sells the chip as part of a "cryptographic service provider kit," which uses a small client terminal to encrypt data like email. However, the chip can be sold into a variety of applications.
According to the whitepaper, the reference design allows for the running of secure boot, TCPA integrity metrics, strong user authentication, and secure BIOS upgrades. "We will also provide the Wave EMBASSY metering application to support various commerce models for consumer entertainment content," the whitepaper adds.
The EMBASSY device remains active throughout the entire boot process, hanging off the Low-Pin Count (LPC) bus--the replacement for the ISA bus--and connected to the core logic's south bridge. AMD's Strongin hinted that AMD would license any necessary intellectual property to other chipset makers, continuing the chip company's cooperation with other chipset vendors.
|
 |
| click on image for full view |
When activated, EMBASSY asks for some identifying information from the user–whether from a smart card reader, secure keypad, or other biometric device–which is then transferred securely into the EMBASSY's memory. Fingerprint readers, a class of biometric devices, have already been easily defeated, however.
"This configuration allows the EMBASSY Device to be active throughout the entire bootup process, thus capable of performing a Secure Boot," the whitepaper reads. "The root of trust within this configuration is the system BIOS where during the bootup process the BIOS will perform a self test and pass the trusted EMBASSY OS to the EMBASSY Device. At that time, the EMBASSY Device will perform the data collection of the system parameters during bootup and crosscheck the collected information with the trusted information stored within the EMBASSY Device's secure memory. If there are any discrepancies found, the system will alert the end user and appropriate action can be taken."
The chip also works to prevent defeating the chip at the BIOS level. "With the EMBASSY Device in this configuration, an upgrade of the BIOS requires the system to go through the EMBASSY Device, allowing the EMBASSY Device to validate the upgrade process before the BIOS ROM is reflashed," the whitepaper adds.
According to Callahan, the system is in trials with NEC Computers' Packard Bell division, which sells PCs in Europe, Asia, and Latin America, but not in the U.S. A spokeswoman for Packard Bell in the United Kingdom could not be reached by press time for confirmation.
"The test is just coming on line," Wave's Callahan said.
