On Mon, May 08, 2006 at 09:17:01PM +0000, Jason Holt wrote:
> 
> On Sun, 7 May 2006, Michael Halcrow wrote:
> >On Sun, May 07, 2006 at 05:35:32PM +0000, Jason Holt wrote:
> >>I've never been able to nail down a case of a non-evil use of this
> >>technology that couldn't be done purely in software or with a much
> >>simpler piece of hardware. Could you describe one or two, please?
> >>(And as to naming, you have to admit that they've come up with a
> >>bewildering number of terms for everyone to keep straight.)
> >
> >One use I have in mind involves protecting the key that is used to
> >encrypt the contents of a device, wherein the data on that device
> >should only be accessible on a certain host or set of hosts running
> >a particular operating environment. The TPM can be configured to
> >only ``release'' a key if the machine is attested with a certain
> >stack (bootloader, kernel, modules, etc.). If an attacker gets a
> >hold of the storage device and the passphrase, he still cannot
> >decrypt the contents without being at the machine, and the machine
> >must be booted through a trusted chain in order for the key to be
> >released -- meaning that the authentication mechanism enforced in
> >that operating environment also protects the data.
> 
> Can you make that example more concrete?  Are you saying I have a
> USB disk encrypted against a key in the TPM module?

Well, with eCryptfs, which, of course, is the crypto app I have in
mind in my examples, you don't really think in terms of an entire disk
being encrypted -- rather, you have individual files being encrypted
according to various policies. So yes, in this example, you have some
files in a USB pen drive that you would like to be accessible either
from your workstation in New York or your workstation in Texas, for
instance, and you are flying between New York and Texas.

> What attacker am I worried about?

You're the wrong victim, since you probably pick decently secure
passphrases. It's the attacker against Grandma Alice or CEO Carol that
I am more worried about. Grandmas and CEOs are notorious for picking
bad passphrases. Cryptographically locking files that contain trade
secrets to company systems makes a lot of sense. CEO Carol can store
her OpenOffice.org presentation on the same USB storage device as her
quarterly financial statement, and while the presentation is
decryptable with just a passphrase, the financial statement will need
*both* the passphrase *and* the private component of the asymmetric
key locked in the TPM on her machine in her office -- or, more
generally, the private component of the asymmetric key locked in the
TPMs of all corporate machines classified as appropriate to handle
data of a certain level of sensitivity.

> Somebody who steals the disk from my house?  From my luggage? (Is
> it even useful to take it in my luggage? I.e., can anybody else even
> use the disk?)

With eCryptfs, you will be able to specify an arbitrary set of
keypairs to protect any given file. Remember, eCryptfs is sort of a
``pgpfs.''

Mike
.___________________________________________________________________.
                         Michael A. Halcrow                          
       Security Software Engineer, IBM Linux Technology Center       
GnuPG Fingerprint: 419C 5B1E 948A FA73 A54C  20F5 DB40 8531 6DCA 8769

"There is no human society without gossip."
 - Pascal Boyer
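
Added example (not part of the original message, and not eCryptfs or TPM driver code): a small Python model of the scheme described above, where a file key needs both the passphrase and key material that a TPM releases only after the expected bootloader/kernel/modules chain has been measured. All names (`ModelTPM`, `measure_boot`, `file_key`, `try_unlock`), the component byte strings, and the symmetric secret standing in for the TPM-held private key are assumptions made for illustration.

```python
import hashlib
import hmac

PCR_RESET = b"\x00" * 20  # TPM 1.2 PCRs are 20-byte SHA-1 registers, zero at reset

def measure_boot(stack):
    """Extend each boot component into one PCR: new = SHA1(old || SHA1(component))."""
    pcr = PCR_RESET
    for component in stack:
        pcr = hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()
    return pcr

class ModelTPM:
    """Toy TPM (assumption, not a real API): holds a per-machine secret and
    releases key material only when the PCR equals the value recorded at seal time."""
    def __init__(self, machine_secret):
        self._secret = machine_secret
        self._policy = {}

    def seal(self, label, trusted_pcr):
        self._policy[label] = trusted_pcr

    def unseal(self, label, current_pcr):
        if not hmac.compare_digest(self._policy[label], current_pcr):
            raise PermissionError("PCR mismatch: untrusted boot stack")
        return hmac.new(self._secret, label.encode(), hashlib.sha256).digest()

def file_key(passphrase, salt, tpm_part=None):
    """Passphrase-only key, or passphrase key bound to TPM-released material."""
    key = hashlib.pbkdf2_hmac("sha256", passphrase, salt, 100_000)
    if tpm_part is not None:
        key = hmac.new(tpm_part, key, hashlib.sha256).digest()
    return key

def try_unlock(tpm, label, stack, passphrase, salt):
    """Return the file key, or None if the TPM refuses to release its part."""
    try:
        tpm_part = tpm.unseal(label, measure_boot(stack))
    except PermissionError:
        return None
    return file_key(passphrase, salt, tpm_part)

if __name__ == "__main__":
    trusted = [b"bootloader-A", b"kernel-A", b"modules-A"]   # constructed sample
    tpm = ModelTPM(b"office-machine-secret")                 # constructed sample
    tpm.seal("finance", measure_boot(trusted))
    tampered = [trusted[0], b"kernel-patched", trusted[2]]
    print(try_unlock(tpm, "finance", trusted, b"weak", b"salt") is not None)
    print(try_unlock(tpm, "finance", tampered, b"weak", b"salt"))
```

In the model, a stolen drive plus a guessed passphrase yields only the passphrase-only key; the protected key additionally needs the sealed secret, which is released only under the measured stack.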
