Cryptographers sound warnings on Microsoft security plan
Just three weeks before Microsoft Corp. publicly details plans to create a secure operating mode for Windows PCs, two top cryptographers have raised concerns about Microsoft's approach.
Whitfield Diffie, a distinguished engineer at Sun Microsystems Laboratories, said an integrated security scheme for computers is inevitable, but the Microsoft approach is flawed because it fails to give users control over their security keys. Ronald Rivest, an MIT professor and founder of RSA Security, called for a broad public debate about the Microsoft move.
Microsoft first tipped its plans, formerly code-named Palladium, about a year ago. Since then some details have emerged about the concepts for what Microsoft now calls the next-generation secure computing base (NGSCB, pronounced "enscub").
Microsoft has detailed its plans to as many as 30 partners under non-disclosure agreements. The company plans to unveil the full technical details and partnerships behind its plans at the Windows Hardware Engineering Conference in early May.
[ Read more ]