[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: A _good_ and valid use for TPM
From: |
Jan Alsenz |
Subject: |
Re: A _good_ and valid use for TPM |
Date: |
Sat, 21 Feb 2009 16:00:30 +0100 |
User-agent: |
Thunderbird 2.0.0.19 (X11/20090104) |
Robert Millan wrote:
> On Sat, Feb 21, 2009 at 03:20:39PM +0100, Jan Alsenz wrote:
>>> "remote attestation" is only useful when you want to coerce others into
>>> running your (generaly proprietary) software. I hope this is not what you
>>> want to do.
>> Yes, this is exactly what he tries do to: convince his keyserver, that the
>> requesting server runs, what it's supposed to.
>>
>> Which is exactly remote attestation, just in this case he controls both
>> sides,
>> which I think makes it an interesting use of the technology.
>
> That would be like trying to rob yourself by threatening yourself with a gun,
> instead of simply drawing money from your wallet.
Sorry, I don't get that analogy...
> If you just want to ensure noone is tampering your box, simply make your box
> tamper-proof. You don't need a protocol to allow third parties to check
> anything.
Ok, but if you have such a protocol, only use it for yourself and do trust the
manufacturer, you only have to secure one of your boxes instead of them all,
which is usually much easier.
>>> This is unnecessary. Once GRUB supports crypto, it can simply load
>>> itself from an encrypted filesystem on disk. An image can be of
>>> arbitrary size.
>> Ok, but where does it get the key from?
>
> The public key (or just a hash) can be embedded in GRUB itself. In the
> instance of GRUB that goes to the flash chip, that is.
>
>> And how can wherever the key comes from be sure that it's talking to GRUB?
>
> Because you put it there, and made sure noone can overwrite it afterwards.
Making sure, that noone can override it, can be awfully difficult, especially
under a physical attacker. A hardware that is at least a bit designed to
withstand such an attack can help a lot.
Greets,
Jan
signature.asc
Description: OpenPGP digital signature
- Re: A _good_ and valid use for TPM, (continued)
- Re: A _good_ and valid use for TPM, phcoder, 2009/02/19
- Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/19
- Re: A _good_ and valid use for TPM, Jan Alsenz, 2009/02/19
- Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/19
- Re: A _good_ and valid use for TPM, Jan Alsenz, 2009/02/20
- Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/21
- Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/27
- Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/21
- Re: A _good_ and valid use for TPM, Jan Alsenz, 2009/02/21
- Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/21
- Re: A _good_ and valid use for TPM,
Jan Alsenz <=
- Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/21
- Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/21
- Re: A _good_ and valid use for TPM, phcoder, 2009/02/22
- Re: A _good_ and valid use for TPM, Michal Suchanek, 2009/02/22
- Re: A _good_ and valid use for TPM, phcoder, 2009/02/22
- Re: A _good_ and valid use for TPM, step21, 2009/02/22
- Re: A _good_ and valid use for TPM, Michal Suchanek, 2009/02/23
- Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/27
- Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/27
- Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/21