On 11/11/2014 11:04 PM, David Li wrote:
> My server's motherboard is shipped with TPM and the vendor already
> placed firmware hash values in the PCRs. This is not under my control
> each time the server boots up. My goal as a user is to authenticate
> these values and confirm they are the same as previously stored good
> ones. Apologies if these have been discussed before.

I don't think you can do this locally.  If your software is compromised, 
it can skip the authentication and simply return "success".

>
> The questions I am struggling with are:
>
> 1. How would the vendor prove that these PCR values are authentic?  Does
> it sign them with the AIK private key?  In other words, can an attacker
> easily put in his own PCR values if he has the root privilege in OS?

The vendor could (but probably doesn't) publish a white list of 
authentic values.  It is up to you to determine "trusted" values, which 
could be any authentic values, the latest patch, some old version that 
you also trust, and which option ROMs and OS drivers you trust.

There's no easy answer to "what software can I trust."  The TPM just 
securely tells you "what software am I running".

An attacker can __add__ values to a PCR, but cannot remove values and 
thus hide itself.  Once the attack SW is measured, it can't be reversed.

> 2. How would I be able to authenticate these values? Should I somehow
> obtain a certificate on the AIK public key and use that to verify the
> signatures on these PCR values?

The TPM "quote" does a signature over the PCR values with an AIK. 
Verification includes many steps:

- walk the AIK certificate chain back to your root
- verify the signature against the AIK public key
- verify the PCRs against the PCR hash
- verify the event log against the PCRs
- establish trust in the event log entries

The latter one is the hard one.

_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users
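The verification steps listed in the reply, worked through in code. This is an added example, not code from the thread or from TrouSerS: it uses a seeded textbook RSA key pair as a stand-in for the AIK (a real verifier takes the AIK public key from a certificate chain ending at a root it trusts, which is the first step in the list and is assumed done here), a constructed event log in a simplified format, and a constructed whitelist of trusted measurements standing in for the hard "establish trust in the event log entries" step. The TPM_PCR_COMPOSITE and TPM_QUOTE_INFO layouts are the TPM 1.2 ones (version 1.1.0.0, the fixed "QUOT" tag, composite hash, external nonce, RSASSA-PKCS1-v1_5 with SHA-1); the function and variable names are mine.

```python
"""Added example: check a TPM 1.2-style quote in the order the reply lists
(AIK signature, composite hash vs reported PCRs, log replay, trust in the log)."""
import hashlib, hmac, random, struct
SHA1_DIGESTINFO = bytes.fromhex("3021300906052b0e03021a05000414")  # PKCS#1 v1.5 / SHA-1

# Stand-in AIK (assumption): a real verifier takes the AIK public key from a
# certificate chain ending at a trusted root; here a seeded RSA key pair is made.
def _is_prime(n, rng, rounds=16):
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):  # Miller-Rabin; the walrus squares x up to s-1 times
        x = pow(rng.randrange(2, n - 1), d, n)
        if x not in (1, n - 1) and all((x := pow(x, 2, n)) != n - 1 for _ in range(s - 1)):
            return False
    return True

def make_aik(bits=1024, seed=7):
    rng, e = random.Random(seed), 65537
    def prime():
        while True:
            n = rng.getrandbits(bits // 2) | (1 << (bits // 2 - 1)) | 1
            if _is_prime(n, rng):
                return n
    while True:
        p, q = prime(), prime()
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            return (p * q, e), (p * q, pow(e, -1, phi))

def _em(msg, k):  # EMSA-PKCS1-v1_5 encoding of SHA1(msg) into k bytes
    t = SHA1_DIGESTINFO + hashlib.sha1(msg).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def rsa_sign(priv, msg):
    n, d = priv
    k = (n.bit_length() + 7) // 8
    return pow(int.from_bytes(_em(msg, k), "big"), d, n).to_bytes(k, "big")

def rsa_verify(pub, msg, sig):
    n, e = pub
    k = (n.bit_length() + 7) // 8
    if len(sig) != k:
        return False
    em = pow(int.from_bytes(sig, "big"), e, n).to_bytes(k, "big")
    return hmac.compare_digest(em, _em(msg, k))

def replay_log(events):
    """Recompute PCRs from a constructed log [(pcr_index, event_data), ...].
    Extend is PCR = SHA1(PCR || SHA1(event)): values can be added, never removed."""
    pcrs = [bytes(20)] * 24
    for idx, data in events:
        pcrs[idx] = hashlib.sha1(pcrs[idx] + hashlib.sha1(data).digest()).digest()
    return pcrs

def composite_hash(selection, pcrs):
    """SHA1(TPM_PCR_COMPOSITE): sizeOfSelect, pcrSelect bitmap, valueSize, values."""
    select = bytearray(3)
    for i in selection:
        select[i // 8] |= 1 << (i % 8)
    values = b"".join(pcrs[i] for i in sorted(selection))
    return hashlib.sha1(struct.pack(">H", 3) + bytes(select)
                        + struct.pack(">I", len(values)) + values).digest()

def quote_info(comp_hash, nonce):  # TPM_QUOTE_INFO: ver 1.1.0.0, "QUOT", hash, nonce
    return b"\x01\x01\x00\x00QUOT" + comp_hash + nonce

def tpm_quote(priv, selection, pcrs, nonce):  # what TPM_Quote hands back
    sig = rsa_sign(priv, quote_info(composite_hash(selection, pcrs), nonce))
    return {i: pcrs[i] for i in selection}, sig

def verify_quote(pub, nonce, quoted, sig, log, trusted):
    """Returns (ok, reason); `pub` is assumed already validated via its chain."""
    sel, full = sorted(quoted), [bytes(20)] * 24
    for i in sel:
        full[i] = quoted[i]
    if not rsa_verify(pub, quote_info(composite_hash(sel, full), nonce), sig):
        return False, "AIK signature does not cover these PCR values and nonce"
    replayed = replay_log(log)
    if any(replayed[i] != quoted[i] for i in sel):
        return False, "event log does not reproduce the quoted PCRs"
    if any(hashlib.sha1(d).digest() not in trusted for _, d in log):
        return False, "log contains a measurement outside the trusted set"
    return True, "quoted PCRs reproduce from a fully trusted log"

def demo():
    """Constructed scenario: a good boot, then root adding its own code."""
    pub, priv = make_aik()
    nonce = hashlib.sha1(b"verifier nonce, fresh per quote").digest()
    good_log = [(0, b"BIOS build 1.2"), (2, b"NIC option ROM 5.0"), (4, b"GRUB 2.02")]
    trusted = {hashlib.sha1(d).digest() for _, d in good_log}
    quoted, sig = tpm_quote(priv, [0, 2, 4], replay_log(good_log), nonce)
    out = [verify_quote(pub, nonce, quoted, sig, good_log, trusted)[0]]
    bad_log = good_log + [(4, b"rootkit loader")]       # root extends PCR 4 ...
    quoted2, sig2 = tpm_quote(priv, [0, 2, 4], replay_log(bad_log), nonce)
    out.append(verify_quote(pub, nonce, quoted2, sig2, bad_log, trusted)[0])
    out.append(verify_quote(pub, nonce, quoted2, sig2, good_log, trusted)[0])  # ... hides the log entry
    forged = dict(quoted2); forged[4] = quoted[4]       # ... or edits the reported value
    out.append(verify_quote(pub, nonce, forged, sig2, good_log, trusted)[0])
    return out   # [True, False, False, False]
```

The four outcomes of `demo()` are the reply's argument in miniature: the good boot passes all checks; once root's code is measured into PCR 4 the quote still verifies but the log contains an untrusted entry; dropping that entry from the log leaves a PCR the log no longer reproduces; and rewriting the reported PCR value breaks the AIK signature, because the signature covers the composite hash of the values. A nonce chosen fresh by the verifier per quote is what stops an old good quote from being replayed.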
