Wave Systems Corp. (fka WAVXQ)

[Whitewash]

Trusted Computing for Nanofactories

http://wise-nano.org/w/Nanofactory_Security_Design#Trusted_Computing_for_Nanofactories


Why to Restrict Nanofactories
There are several distinct motivations for restricting the output of a nanofactory.

Security enforcement
Intellectual Property enforcement
Regional production restrictions

TPM for security and for intellectual property enforcement (and other goals) should be separate, so that circumventions of one TPM do not circumvent the others. Intellectual property pirates should not need to compromise the security protection measures in order to get their "free ride". Otherwise, the much larger community of IP pirates will be forced to become terrorists, as well. While this distinction might sound favorable the IP advocates, a compartmentalized design would be overall safer. Like Trusted Computing, Trusted Manufacturing WILL be cracked, and it is critical that the security design have an equal, if not greater, focus on mitigating the damage circumventions can cause as it does on preventing circumvention.

Trusted Computing for Nanofactories
The Trusted Computing Group publishes technical specifications that are being implemented by computer hardware manufacturers to enable applications a that require a level of trust between interoperating parties with regard to the computing environment. Without hardware support, these applications would not be possible. It is conceivable to implement a similar system within a nanofactory, whereby only approved designs (or classes of designs) can be produced by a consumer nanofactory. Such designs would be cryptographically signed by an appropriate authority (or a sufficient number of recognized authorities - see Distributed Design Authority, below)

[edit]Distributed Security Certification Authority
With any centralized authority, there is the posibility of corruption. Requiring that consumer nanofacotry designs be signed by just a single key creates a single point of failure, both technically, and politically. Corrupt officials may be persuaded, coerced, or duped into approving a dangerous design. A dedicated and well-resourced attacker may also compromise a single key, leaving an entire line of factories with the ability to create any product with the counterfeit signature.

Some jurisdictions may also prefer to impose additional restrictions on consumer nanofactories, over and above security and intellectual property enforcement. Each region would need to create and administer their own certification authorities.

Recent work on distributed reputation systems, such as Credence, shows promise that it may be possible to establish lawful certification authorities on various regional scales of legal jusridiction by implementing the democratic process directly into the nanofactory's design.

(describe how a system like this could work)

(StumbleUpon, Amazon - similar reputation techniques, but centralized)

[edit]Trusted GPS
Is it possible to create a spoof-proof geolocation system? If so, nanofactories could identify which jurisdictions they were operating within, and adjust their restrictions accordingly.