Dr S N Henson
Mon, 25 Jun 2001 10:20:41 -0700
Patrick Valsecchi wrote:
>
>
> I don't have to store each signature of each bin into the smartcard. I won't
> have enough RAM for that! I'll store inside each executable and library the
> signed crypto hash. The kernel will check if the crypto hash is still the same
> and the smartcard will just check if the signature of the crypto hash.
>

I'm curious as to why the smartcard is being used for the crypto verification
as opposed to the boot-loader and subsequently the executable loader. They
might for example have a hard coded public key or some root CA depending on
how sophisticated you want to be.

You of course have to be very careful that the public key or certificate
cannot be replaced.

If there is some reason to use a smart card then that also has to be handled
carefully, otherwise someone could just replace it with something that either
always returns successful (for any signature) or allows other (known) keys to
sign the executables.

Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.

***************************************************************
Linux Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/smartcard/index.html
***************************************************************
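
Added example, not part of the original message or of any project mentioned in it: a sketch of the trust-anchor point above, comparing a loader that verifies against a key compiled into it with one that accepts a replaceable card's yes/no answer. Assumptions: the loader and card function names are hypothetical, the keys are constructed toy RSA keys built from Mersenne primes, and the signature is unpadded RSA over SHA-256 for brevity.

```python
import hashlib

E = 65537  # public exponent

def make_key(p, q):
    """Textbook RSA key from two primes: returns (modulus, private exponent)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

# Constructed demo keys built from Mersenne primes. NOT secure, illustration only.
VENDOR_N, VENDOR_D = make_key(2**127 - 1, 2**521 - 1)  # key the loader pins
OTHER_N, OTHER_D = make_key(2**89 - 1, 2**607 - 1)     # any key that is not the vendor's

def digest(image):
    return int.from_bytes(hashlib.sha256(image).digest(), "big")

def sign(image, n, d):
    """Unpadded RSA over SHA-256; a real scheme would use PSS or PKCS#1 v1.5."""
    return pow(digest(image), d, n)

def loader_pinned(image, sig):
    """Hypothetical loader that verifies against the key compiled into it."""
    return pow(sig, E, VENDOR_N) == digest(image)

def loader_delegating(image, sig, card):
    """Hypothetical loader that hashes the image and trusts the card's yes/no."""
    return card(digest(image), sig)

def genuine_card(h, sig):
    return pow(sig, E, VENDOR_N) == h

def replaced_card(h, sig):
    return True  # models a swapped device that approves every signature

def run_demo():
    good = b"\x7fELF constructed sample image"
    good_sig = sign(good, VENDOR_N, VENDOR_D)
    foreign = b"\x7fELF image signed with another key"
    foreign_sig = sign(foreign, OTHER_N, OTHER_D)
    return {
        "pinned_good": loader_pinned(good, good_sig),
        "pinned_tampered": loader_pinned(good + b"!", good_sig),
        "pinned_foreign": loader_pinned(foreign, foreign_sig),
        "card_genuine_foreign": loader_delegating(foreign, foreign_sig, genuine_card),
        "card_replaced_foreign": loader_delegating(foreign, foreign_sig, replaced_card),
    }

if __name__ == "__main__":
    for name, accepted in run_demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

The delegating loader's verdict is only as trustworthy as the physical device behind it, so a design that keeps the card must also authenticate the card to the loader.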