grub-devel

Re: A _good_ and valid use for TPM


From: Robert Millan
Subject: Re: A _good_ and valid use for TPM
Date: Sat, 21 Feb 2009 15:34:40 +0100
User-agent: Mutt/1.5.18 (2008-05-17)

On Sat, Feb 21, 2009 at 03:20:39PM +0100, Jan Alsenz wrote:
> > 
> > "remote attestation" is only useful when you want to coerce others into
> running your (generally proprietary) software.  I hope this is not what you
> > want to do.
> Yes, this is exactly what he tries to do: convince his keyserver, that the
> requesting server runs, what it's supposed to.
> 
> Which is exactly remote attestation, just in this case he controls both sides,
> which I think makes it an interesting use of the technology.

That would be like trying to rob yourself by threatening yourself with a gun,
instead of simply drawing money from your wallet.

If you just want to ensure no one is tampering with your box, simply make your box
tamper-proof.  You don't need a protocol to allow third parties to check
anything.

> > This is unnecessary.  Once GRUB supports crypto, it can simply load
> > itself from an encrypted filesystem on disk.  An image can be of
> > arbitrary size.
> Ok, but where does it get the key from?

The public key (or just a hash) can be embedded in GRUB itself.  In the
instance of GRUB that goes to the flash chip, that is.

> And how can wherever the key comes from be sure that it's talking to GRUB?

Because you put it there, and made sure no one can overwrite it afterwards.

-- 
Robert Millan

  The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and
  how) you may access your data; but nobody's threatening your freedom: we
  still allow you to remove your data and not access it at all."



