> From: Martin Schneider [mailto:martincschnei...@googlemail.com]
> Sent: Monday, August 29, 2011 7:55 AM

Please use the tboot-devel mailing list for discussions and questions; tboot-changelog is just for automated notifications from the source code control system.

> Hi list,
>
> I am new to tboot / Intel TXT technology and have some questions, mainly concerning the role of the TPM in the Intel TXT architecture.
>
> Up to now I went through the "Intel Safer Computing Initiative" book by David Grawrock and think I have a basic understanding of what SINIT does: preparing a secure launch environment for a hypervisor and doing some measurements which are put into the TPM of the system. If my understanding is correct, tboot is a specific implementation of SINIT for use with the Xen hypervisor...?

I would say that tboot is a specific implementation of an MLE (Measured Launched Environment). Tboot encapsulates (most of) the TXT-specific knowledge so that it can launch an OS or VMM that is only minimally aware of TXT. Tboot works with Linux/KVM as well as with Xen.

> What I absolutely do not understand is the role of the TPM in the architecture. Besides holding the measurement values of the SHA-1 fingerprints of SINIT (PCR17) and the hypervisor (PCR18), I do not see the need for the TPM. It does not enforce anything or make anything more secure? Or am I mistaken here? Actually the TPM is only useful when I want to do some kind of remote attestation of my environment.
> The big problem I see is that I cannot use e.g. tboot when no TPM is available? Or am I mistaken?

The TPM is fundamental to the TXT architecture. Without a secure location for the measurements made by the TXT hardware, firmware, and software there would be no secure way of knowing that TXT was actually used for a launch. An MLE that does not use the TPM measurements for remote attestation or sealing cannot really be sure that it was launched with TXT.

> My next big question is: what is different if I use tboot and when I do not? Where is the security plus?
If tboot, or some other TXT MLE, is not used then you are left with a static root of trust based in BIOS. David Grawrock's book should describe the differences between dynamic and static roots of trust (it is a bit much to go into via email).

> It would be very kind of you to de-confuse me a little or point me to some useful reading material...
>
> Best regards
> Martin
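The role of the TPM that the reply describes (PCR 17 and 18 holding the SINIT and MLE measurements, with sealing and attestation built on them), as an added example that is not part of the thread and is not tboot or TPM code: a simplified Python model of TPM 1.2 PCR extend and PCR-bound sealing. The SINIT and tboot images are constructed byte strings, and the "TPM" here is just a dict and a comparison standing in for the hardware check.

```python
import hashlib

# Simplified model of TPM 1.2 PCRs; not tboot or real TPM code.
PCR_LEN = 20  # TPM 1.2 PCRs are SHA-1 digests (160 bits)


def extend(pcr: bytes, data: bytes) -> bytes:
    """TPM_Extend: PCR_new = SHA-1(PCR_old || SHA-1(data))."""
    return hashlib.sha1(pcr + hashlib.sha1(data).digest()).digest()


def no_launch() -> dict:
    """Dynamic PCRs (17-22) are all ones after power-on; only the hardware
    can reset them to zero, and only as part of a dynamic (TXT) launch."""
    return {17: b"\xff" * PCR_LEN, 18: b"\xff" * PCR_LEN}


def dynamic_launch(sinit_image: bytes, mle_image: bytes) -> dict:
    """Model of a measured launch: PCRs reset by hardware, SINIT measured
    into PCR 17 and the MLE (e.g. tboot) into PCR 18."""
    pcrs = {17: bytes(PCR_LEN), 18: bytes(PCR_LEN)}
    pcrs[17] = extend(pcrs[17], sinit_image)
    pcrs[18] = extend(pcrs[18], mle_image)
    return pcrs


def composite(pcrs: dict, indices: tuple) -> bytes:
    """Digest over the selected PCRs (the role of TPM_COMPOSITE_HASH)."""
    return hashlib.sha1(b"".join(pcrs[i] for i in indices)).digest()


def seal(secret: bytes, pcrs: dict, indices=(17, 18)) -> dict:
    """Bind a secret to the current values of the chosen PCRs. In the model
    the blob records the expected composite; a real TPM encrypts the secret
    under a TPM-resident key and only releases it after the check below."""
    return {"indices": indices, "expected": composite(pcrs, indices),
            "secret": secret}


def unseal(blob: dict, pcrs: dict):
    """Release the secret only if the PCRs match what it was sealed to."""
    if composite(pcrs, blob["indices"]) != blob["expected"]:
        return None  # a real TPM returns TPM_WRONGPCRVAL here
    return blob["secret"]


SINIT = b"constructed SINIT ACM image"   # constructed sample, not a real ACM
TBOOT = b"constructed tboot MLE image"   # constructed sample, not tboot


def demo() -> tuple:
    """Seal under a genuine launch; try to unseal under two other states."""
    good = dynamic_launch(SINIT, TBOOT)
    blob = seal(b"disk-encryption-key", good)
    other_mle = dynamic_launch(SINIT, b"some other MLE image")
    return unseal(blob, good), unseal(blob, other_mle), unseal(blob, no_launch())
```

Only the launch that produced the sealed-to PCR values can recover the secret; a different MLE, or a boot that never performed a TXT launch, leaves the TPM refusing to release it, which is the enforcement the original question was asking about.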