On Sun, 7 May 2006, Michael Halcrow wrote:
> On Sun, May 07, 2006 at 05:35:32PM +0000, Jason Holt wrote:
> > I've never been able to nail down a case of a non-evil use of this
> > technology that couldn't be done purely in software or with a much
> > simpler piece of hardware. Could you describe one or two, please?
> > (And as to naming, you have to admit that they've come up with a
> > bewildering number of terms for everyone to keep straight.)
>
> One use I have in mind involves protecting the key that is used to
> encrypt the contents of a device, wherein the data on that device
> should only be accessible on a certain host or set of hosts running a
> particular operating environment. The TPM can be configured to only
> ``release'' a key if the machine is attested with a certain stack
> (bootloader, kernel, modules, etc.). If an attacker gets a hold of the
> storage device and the passphrase, he still cannot decrypt the
> contents without being at the machine, and the machine must be booted
> through a trusted chain in order for the key to be released -- meaning
> that the authentication mechanism enforced in that operating
> environment also protects the data.
Can you make that example more concrete? Are you saying I have a USB disk
encrypted against a key in the TPM module? What attacker am I worried about?
Somebody who steals the disk from my house? From my luggage? (Is it even
useful to take it in my luggage? I.e., can anybody else even use the disk?)
-J
/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/
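The mechanism Halcrow describes (a key the TPM only "releases" when the platform booted through the expected chain) can be made concrete with a small software model, added here as an illustration and not part of the thread or of any real TPM stack. It is an assumption-laden toy: the PCR-to-component mapping, the policy-digest encoding and the wrapping construction are simplified stand-ins for what TPM 2.0 does with TPM2_PCR_Extend, TPM2_PolicyPCR, TPM2_Create and TPM2_Unseal, and the boot stack and passphrase are constructed sample data. What it does preserve is the three checks that matter for Jason's question about attackers: the blob only unwraps on the chip that sealed it, only when the selected PCRs hold the values they had at sealing time, and only with the right passphrase.

```python
"""Toy model of TPM sealing to PCRs (illustration only, not a real TPM driver)."""
import hashlib
import hmac
import os


def H(*parts: bytes) -> bytes:
    """SHA-256 over the concatenation of parts."""
    return hashlib.sha256(b"".join(parts)).digest()


# Assumed mapping of boot components to PCR indices (hypothetical for this model).
BOOT_PCRS = {"bootloader": 4, "kernel": 8, "initrd": 9}
PCR_SELECTION = sorted(BOOT_PCRS.values())


class ToyTPM:
    """PCR bank plus a per-chip storage seed; seal/unseal gated by a PCR policy."""

    def __init__(self, seed: bytes) -> None:
        self.seed = seed              # per-chip secret that never leaves the chip
        self.pcrs = [bytes(32)] * 24  # PCRs reset to zero at power-on

    def extend(self, idx: int, digest: bytes) -> None:
        # PCR[i] = H(PCR[i] || digest): order-dependent and cannot be rolled back
        self.pcrs[idx] = H(self.pcrs[idx], digest)

    def policy_pcr(self, selection) -> bytes:
        # Simplified policy digest bound to the *current* values of the selected PCRs
        composite = H(*(self.pcrs[i] for i in selection))
        return H(b"PolicyPCR", bytes(selection), composite)

    def _wrap_key(self) -> bytes:
        return hmac.new(self.seed, b"sealing-key", hashlib.sha256).digest()

    def _keystream(self, key: bytes, nonce: bytes, n: int) -> bytes:
        out, ctr = b"", 0
        while len(out) < n:
            out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
            ctr += 1
        return out[:n]

    def seal(self, secret: bytes, auth_policy: bytes, auth_value: bytes) -> dict:
        """Wrap (passphrase digest || secret) under the chip key; bind the policy via the tag."""
        key, nonce = self._wrap_key(), os.urandom(16)
        pt = H(auth_value) + secret
        ct = bytes(a ^ b for a, b in zip(pt, self._keystream(key, nonce, len(pt))))
        tag = hmac.new(key, nonce + auth_policy + ct, hashlib.sha256).digest()
        return {"nonce": nonce, "policy": auth_policy, "ct": ct, "tag": tag}

    def unseal(self, blob: dict, session_policy: bytes, auth_value: bytes) -> bytes:
        key = self._wrap_key()
        tag = hmac.new(key, blob["nonce"] + blob["policy"] + blob["ct"], hashlib.sha256).digest()
        if not hmac.compare_digest(tag, blob["tag"]):
            raise PermissionError("blob was not sealed by this chip")
        if not hmac.compare_digest(session_policy, blob["policy"]):
            raise PermissionError("PCR policy mismatch: platform booted a different chain")
        ks = self._keystream(key, blob["nonce"], len(blob["ct"]))
        pt = bytes(a ^ b for a, b in zip(blob["ct"], ks))
        if not hmac.compare_digest(pt[:32], H(auth_value)):
            raise PermissionError("wrong passphrase (authValue)")
        return pt[32:]


def measured_boot(tpm: ToyTPM, stack: dict) -> None:
    """Each stage measures the next component into its PCR before running it."""
    for name, idx in BOOT_PCRS.items():
        tpm.extend(idx, H(stack[name]))


def try_unseal(tpm: ToyTPM, blob: dict, passphrase: bytes):
    """Return the released key, or None if the TPM refuses."""
    try:
        return tpm.unseal(blob, tpm.policy_pcr(PCR_SELECTION), passphrase)
    except PermissionError:
        return None


def run_scenarios() -> dict:
    """True where the disk key is released, False where the TPM refuses."""
    # Constructed sample data: a trusted boot stack and one with a tampered kernel.
    good = {"bootloader": b"grub-image-v1", "kernel": b"vmlinuz-trusted", "initrd": b"initrd-v1"}
    evil = dict(good, kernel=b"vmlinuz-with-backdoor")
    disk_key, passphrase = os.urandom(32), b"correct horse"

    # Provisioning: boot the trusted stack, then seal the disk key to those PCR values.
    home = ToyTPM(seed=b"\x01" * 32)
    measured_boot(home, good)
    blob = home.seal(disk_key, home.policy_pcr(PCR_SELECTION), passphrase)

    results = {}
    # 1. Same chip, same boot chain, right passphrase: key released.
    results["trusted_boot"] = try_unseal(home, blob, passphrase) == disk_key
    # 2. Same chip rebooted with a modified kernel: PCR 8 differs, policy fails.
    rebooted = ToyTPM(seed=home.seed)
    measured_boot(rebooted, evil)
    results["tampered_kernel"] = try_unseal(rebooted, blob, passphrase) is not None
    # 3. Disk, blob and passphrase stolen and used on another machine: wrong chip.
    other = ToyTPM(seed=b"\x02" * 32)
    measured_boot(other, good)
    results["other_machine"] = try_unseal(other, blob, passphrase) is not None
    # 4. Right chip and boot chain, wrong passphrase.
    again = ToyTPM(seed=home.seed)
    measured_boot(again, good)
    results["wrong_passphrase"] = try_unseal(again, blob, b"wrong") is not None
    return results


if __name__ == "__main__":
    for name, released in run_scenarios().items():
        print(f"{name:17s} -> {'key released' if released else 'refused'}")
```

Scenario 3 is the "stolen from my luggage" case: the sealed blob is useless without the chip that produced it, and scenario 2 is the case the thread turns on, where an attacker who has the machine still cannot get the key released except by booting the measured stack, which is what makes that stack's own login enforcement count. Note also what the model does not claim: nothing here defends against an attacker who can boot the trusted chain and then attack the running system, or who can read the key out of RAM after it has been released.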