On 30.10.2012 20:00, Natanael wrote: > *Rootkits*. Just replace the firmware.
Good point. Have not heard about firmware-updatable GPUs yet though, but I suspect that it's just under my radar. > Den 30 okt 2012 19:13 skrev "Jonas Wielicki" <[email protected]>: > >> On 30.10.2012 14:30, Natanael wrote: >>> Yeah, this looks like TPM with software protection instead of hardware >>> protection. >>> >>> Rootkits can screw it up. >> >> I guess that is why the researchers suggested an on-GPU >> challenge-response protocol implementation which would not hand out the >> initial SRAM state directly to any software. >> >>> Den 30 okt 2012 14:27 skrev "Solar Designer" <[email protected]>: >>> >>>> This is very curious, but ... >>>> >>>> On Tue, Oct 30, 2012 at 10:08:06AM +0100, Eugen Leitl wrote: >>>>> Cloning the actual SRAM state in a GPU is not possible, said Dr. Lange. >>>> "What >>>>> we've done so far in our research is reading out this SRAM state. We >> can >>>> of >>>>> course copy this readout. What we're aiming for is to put an >>>> authentication >>>>> system in place where the GPU never hands over the raw data. Instead >> the >>>> GPU >>>>> uses it in a challenge-response protocol, just like the secret key in a >>>>> signature system or zero-knowledge protocol. This does rely on the OS >>>> and/or >>>>> hypervisor shielding the card from bad requests, such as ???hand over >>>> all your >>>>> secrets,???" she said. >>>> >>>> ... since it relies on OS and/or hypervisor security anyway, about the >>>> same functionality and security (not a lot of it) can be achieved by >>>> keeping the secret in a disk file (protected with filesystem/OS >>>> permissions) and having the crypto implemented in an OS driver (or >>>> privileged program). Use of a GPU does not appear to provide much >>>> advantage on top of that. It can't be physically cloned, but if OS >>>> security fails, then the GPU's secrets can be cloned and the >>>> authentication protocol simulated in host software (on attacker's >>>> machine, without the GPU). >>>> >>>> Alexander >>>> _______________________________________________ >>>> cryptography mailing list >>>> [email protected] >>>> http://lists.randombit.net/mailman/listinfo/cryptography >>>> >>> >>> >>> >>> _______________________________________________ >>> cryptography mailing list >>> [email protected] >>> http://lists.randombit.net/mailman/listinfo/cryptography >>> >> >> _______________________________________________ >> cryptography mailing list >> [email protected] >> http://lists.randombit.net/mailman/listinfo/cryptography >> > _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
