David Li <[email protected]> writes: > Can an attacker easily change or swap these hash values inside the TPM > if he has the root privilege?
The scenario I described is designed to allow remote parties to detect an OS image that has been modified by the adversary. The scenario assumes we trust the everything up to and including the boot loader, as it is what places values in the PCRs. Suppose the adversary knows the provisioned set of PCR hashes, and has inserted code into the OS image. To remain undetected, when the adversary's code is executed, the adversary would like to replace the PCR values measure by the boot loader with ones in the provisioned set. The TPM is designed to prevent this attack. When one extends a PCR, one computes the hash of the current value and the new value, and places that hash in the PCR. Because of the hashing, it improbable that the adversary can extend the PCR with a value that would reproduce the provisioned value. There are ways to remove the BIOS and the boot loader from the list of trusted components. Intel's TXT hardware, and AMD's equivalent provide a means by which the hardware measures software used in the early boot process. John ------------------------------------------------------------------------------ Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk _______________________________________________ TrouSerS-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-users
