On 30.11.2017 20:51, Igor Skochinsky wrote:
> The private key does not exist anywhere in the firmware or in the chip, only somewhere in Intel's HSM (I assume).
hmm, could there be a JTAG access part to it?
> 1) factor the public key (RSA-1024)
> 2) find a pair of keys where the pubkey hash matches one of those accepted by the ME (the hash is SHA512 in the latest versions, was SHA-1 before).
maybe we should ask our friends @google whether they could spend enough computing power to crack it ;-)

--mtx

--
Enrico Weigelt, metux IT consult
Free software and Linux embedded engineering
[email protected] -- +49-151-27565287

