[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A _good_ and valid use for TPM

From: phcoder
Subject: Re: A _good_ and valid use for TPM
Date: Thu, 19 Feb 2009 20:30:11 +0100
User-agent: Thunderbird (X11/20090105)

Alex Besogonov wrote:
First of all your system is still totally vulnerable to emanation and
power analysis or hw tampering.
Yes, but that's way too hard.

Sure? There was a demonstration when rsa key was recovered just by plotting variations on powerline of usb port
And what about cache attack?

By reflashing bios one can bypass all
tpm protections (don't say it's difficult because it's closed source and
so on. Look at all closed source obfuscations/pseudo-protections that
get cracked every day)
That's possible, but again I consider this not critical. BIOS itself
is checksummed and checked by the root of trust.
Isn't bios (or part of it) the root of "trust"

Personally if tpm support is merged into mainline grub2 I'll stop using
Because I don't want support this technology. TPM=obfuscation=unsecurity. And as an opensource and open security fan I can't claim to have solved an impossible problem. But if you want to use obfuscation schemes it's your right
Won't work.

For example, attacker can run everything inside a hypervisor and then
just dump memory and extract decryption keys. You have no reliable
ways to detect hypervisor from inside the running OS. You can pile
layers upon layers of integrity checks, but they are useless if
hardware itself is not trusted.  TPM allows me to establish this
You assume that noone will develop hypervisor able to fool tpm bios. One could powercut the tpm chip (similar to how a resistor is remove to avoid burning efuses in xbox) then power would be reestablished to it and bios would be executed on hypervisor which will retrieve the keys. Actually you can trust tpm only as much as you trust in obfuscation power of bios. Only obfuscation prevents attacker from disconnecting tpm and reading keys from it. And there are only few types of tpm. Sooner or later someone will figure their interface. Then it can be read by special usb adapter

Actually, I can probably even formally prove this assumption.

I really don't see you point. With my proposition mbr still can be verified by tpm but grub2 needs to know nothing about tpm as long as it ensures it doesn't load any unsigned modules. This approach is more versatile. It can be used also for e.g. checking that debian install is really from debian. And having experience with manufacturers supplying buggy hw and sw tend to avoid solutions directly relying on hardware when another implementation is possible Which collaboration other than not loading anything unchecked does your scheme need from grub?
From readme of trustedgrub the only thing it does is checking integrity
First advantage is that you can override it manually supplying grub password
Administrator can manually override TPM by supplying the decryption
key directly instead of fetching them from my key server.

[skipped because this scheme just won't work]

I personally would be interested in implementing security features in
grub2 as long as tpm stays away
Then that's a religion, not engineering.
Tell it what you want but I don't trust code that I can't verify. And tpm is root of obfuscation.

PS: please, can you CC me when you answer my posts?
Could you come to irc channel or meet me at jabber/gtalk?
Vladimir 'phcoder' Serbinenko

reply via email to

[Prev in Thread] Current Thread [Next in Thread]