I may be misunderstanding TEEs (I just learned about them from an HN post), but I have a question regarding the features that seem to allow what seems to be the perfect form of DRM (to my maybe limited understanding of current DRM technologies).
First, do I understand correctly that they can be used as follows?
1. User looks to buy and download software. He contacts the software vendor (visits his site).
2. Vendor requests a certificate of his TEE (refuses to sell otherwise).
3. User provides it (maybe he understands what that means, maybe it's part of an automated protocol the OS runs in a more user-friendly manner).
4. The vendor checks the certificate, making sure that:
   4.1. The contained TEE hardware-instance-specific public key is signed by the private key corresponding to the also-contained manufacturer public key, and that
   4.2. The manufacturer belongs to a list of manufacturers he trusts (where he may have obtained that list from a source he trusts).
5. The vendor takes the TEE public key and encrypts his program with it.
6. The vendor provides the encrypted program to the user.
7. The user is able to run the program all he wants in his TEE, but is unable to get it to run in any other TEE, thereby rendering software piracy practically impossible, unless he gets his hands on the expensive equipment and skills needed to reverse engineer the TEE hardware containing the private key and decrypt it.
Step 4 could be done with bare public keys and no certificates, but that would allow people to emulate TEEs in software and therefore get their hands on the decrypted version of the vendor's software, rendering the whole thing moot.
I see Wikipedia mentions this:

> To prevent simulation of hardware with a user-controlled software a hardware root of trust is used.
Does "hardware root of trust" mean that there is a PKI?
What's the current status of this technology? Wikipedia mentions that there are standardization efforts. Are current vendors all selling different variations of this? If that's the case, are they using different methods to authenticate TEEs, or are they all using e.g. X.509 certificates? If they're all using X.509 certificates, has someone compiled a list of trusted root certificates, like the browser vendors have done for websites?
Basically, what I'm asking is if there's any list available to do step 4.2 programmatically.