> On 11/16/2014 11:18 AM, David Li wrote:
> >
> > A perhaps related topic that I often find people asking is: "How do you
> > trust the TPM itself given today's global economy?". There is one school
> > of thought that regards the TPM as totally untrustworthy. Another thinks
> > it's trusted to some degree. The debate seems never ending without a
> > clear answer.
> >
> > I am curious about what experts on this list think of this issue.
>
> Since we're engineers, can you provide references for the "totally
> untrustworthy" research? I've seen some papers on errors in the old
> 1.1b TPMs, before there were good test suites. I've also seen some
> research attacking the infrastructure, generally hardware attacks that
> the TCG doesn't claim to protect against.
>
> I haven't seen any research at all concluding that the TPM is totally
> untrustworthy.
>
I think this question is not about the TPM itself but more about the entire root of trust. Essentially, do you trust your board manufacturer? Can you be sure that it is not putting backdoor code in the BIOS that can intentionally exclude some attributes from the hash? Can you trust the chip manufacturer? Can you be sure that the TPM chip is not an altered replica coming from a third party?

I think the technology itself is secure enough, but it is only a part of the equation. If one wants to be absolutely sure that the root of trust is not compromised, then he or she would need to follow security protocols that would include supervising the entire manufacturing process of both TPM chips and boards and verifying every bit of the BIOS code (which is proprietary in most cases). In the real world all these measures are either too costly to implement or totally unrealistic. This implies that TPM-based security is as trustworthy as the Asian manufacturer that supplies your boards.

As with any security-related application, it is all about the trade-off between the value of the assets you are protecting and the cost of the security overhead. But I'm pretty sure that the cost of subverting properly implemented TPM-based security would be very high, and this is good enough for a substantial number of applications.

_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users
