Forwarded From: darek milewski <darekm@cmeasures.com>
http://www.news.com/News/Item/0,4,31182,00.html?st.ne.ni.lh
Intel exec envisions "the trusted PC"
By Tim Clark
Staff Writer, CNET News.com
January 20, 1999, 3:00 p.m. PT
SAN JOSE, California--Elaborating on plans to build security into its
chips and other hardware, Intel today outlined its vision for "creating
the trusted PC," building on the widespread acknowledgement that putting
security in hardware, rather than software, is more robust.
Patrick Gelsinger, group vice president of Intel's desktop products
group, also detailed the giant chipmaker's stepped-up lobbying on privacy
and government controls on exporting strong encryption.
"Intel will deliver the security building blocks to enable the
trusted, connected PC," Gelsinger said at the RSA Data Security
conference, expanding on the announcement earlier this week of a broad
partnership with RSA.
"Security is only as a strong as the foundation, and hardware means
stronger trust," he said, indicating plans to include security in its
Pentium III chips, chipsets, motherboards, and other products.
"We are not replacing software, we are building a foundation for
trusted software," he said.
Gelsinger also promoted Intel's Common Data Security Architecture
[CDSA], a framework for infusing security into all aspects of computers
built with Intel chips. In addition to its own CDSA, Intel products will
enable Microsoft's Crypto API [CAPI] and RSA's security framework.
Anticipating an upcoming announcement, he revealed that Compaq has
signed onto the CDSA alliance, joining IBM, Security Dynamics, Hewlett
Packard, Lotus, Certicom, Motorola, and AT&T.
Yesterday, Ireland's Baltimore Technology said it will create CDSA
software tools for markets outside North America.
This year, Intel will add serial numbers to each Pentium III
processor, making it easier to identify the specific machine being used in
an online environment, Gelsinger said. The chipmaker also will add a
random number generator, a common cryptographic technique, to the chipset.
The RNG will use the thermal noise of semiconductor resistors to create
random numbers, thus enabling better cryptography and digital signing
protocols.
The chips will ship by the end of March, he said.
Further, through its pending acquisition of Shiva, Intel's networking
group will support IPSec, an important Internet security standard.
"We are happy and surprised by enthusiasm from application developers
for the processor serial numbers," Gelsinger said, adding that 30-plus
software developers have committed to write both consumer and business
software that takes advantage of putting a unique number on every Pentium
III processor.
Next year, Intel will add authentication capabilities to its
offerings, and in 2001 will deal with peripheral devices.
On the public-policy front, Gelsinger campaigned hard for lifting
U.S. limits on encryption exports, a popular stand at the conference.
"The government should not limit the global deployment of necessary
encryption technology. Intel wants to ship products on a global basis, run
our business on a global basis, conduct e-commerce on a global basis, and
manufacture products on a global basis," he said.
He praised this week's announcement by France that it would soften
its controls of encryption, deregulate the use of strong, 128-bit
encryption within France, and spend more on security research.
"The right policy is fighting technology with technology," Gelsinger
said. Intel strongly opposes secret "back doors" in encrypted products
that allow the government to obtain the cryptographic keys to decrypt
scrambled data, he said.
On privacy, he said Intel will build into its chips the ability for
individuals to control whether to hide their identity online. Intel also
will make people aware of the kind of data being collected about them.
Some online privacy advocates worry that serial numbers will allow a
way to track individuals on the Internet. But Intel counters that concern
by arguing that serial numbers would improve security and protect the
privacy of individual users.
"This does not in any way limit anyone's privacy or capabilities in
terms of what they can do," according to Intel spokesman Seth Walker.
"Intel will never keep a list of processor numbers of which processors go
where. This is designed to bring greater security to end users and help
grow the pervasiveness of e-commerce worldwide."
As an example, he argued that individuals would be more willing to
send personal medical information over the Net if they had the additional
layer of security provided by serial numbers on their hardware.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
Received on Thu Mar 11 17:07:57 1999