|
From: | phcoder |
Subject: | Re: A _good_ and valid use for TPM |
Date: | Sun, 22 Feb 2009 10:44:34 +0100 |
User-agent: | Thunderbird 2.0.0.19 (X11/20090105) |
On this you have to trust the manufacturer. Actually you can't know how difficult reverse-engineering is before you do. And it's only a matter of time before some crypto-hardware geek reverse-engineers it because he was bored or a crypto-student does it because it gives him an excellent diploma. This is quite possible because universities often have the necessary equipment and diploma works are supposed to be long and difficult. At this point reading a publication and using its results is trivial. And look at reverse-engineered opensource drivers. It's just a matter of obfuscation and we already know that it brings no security. If you want to protect your keys the only ways is to physically protect them like putting concrete around the flash chipIn any case, if your attacker is that much determined to archieve their goal,Reverse engineering the TPM chip is very costly. And I'm not going to try to protect data from NSA or CIA or another three-letter agency.reverse engineering a small chip isn't going to stop them.
Regards Vladimir 'phcoder' Serbinenko
[Prev in Thread] | Current Thread | [Next in Thread] |