On Wed, Sep 15, 2004 at 07:30:19PM -0500, Frank Knobbe wrote:
> On Tue, 2004-09-07 at 15:22, Steve Watt wrote:
> > Having the password compiled in to something that's necessarily clear-text
> > on the same media?
> 
> Sorry for being late... I'm still catching up on piles of email :)
> 
> 
> Instead of having a plaintext password on the same media, how about a
> mechanism that reads the CPU's serial number, or some other hardware
> dependent number that cannot be read by users on a system. If the drive
> gets removed from the system, the attacker would have a challenge.
> 
> Of course you have to be careful before you replace failed hardware that
> is used to derive the key :)  Don't replace the failed CPU before you
> decrypted... no wait... uhm...   :)   Okay, how about an offline copy of
> the number in case of hardware failure... :)
> 
> Seriously though, tying the boot process to a hardware dependent value
> that is not accessible from within the booted system might be something
> to consider. 
> 
> Any thoughts?

One word that Bruce M. Simpson already mentioned: TCPA :)

Well, it's not exactly what you describe, but it is basically what you
describe done right - no offense intended, of course, I mean that the
TCPA specs at http://trustedcomputinggroup.org/home seem to provide the
benefits that you are looking for in a framework that mostly alleviates
the problems.  Of course, the key word is 'mostly', and there is more to
TCPA than just encrypted booting, and there are lots of people who
disagree with the 'more' part, but still you might want to take a look
at it.

G'luck,
Peter

-- 
Peter Pentchev  [EMAIL PROTECTED]    [EMAIL PROTECTED]    [EMAIL PROTECTED]
PGP key:        http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint FDBA FD79 C26F 3C51 C95E  DF9E ED18 B68D 1619 4553
I am the meaning of this sentence.
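
The scheme Frank sketches above (a key derived from a hardware-bound value, plus an offline copy for the day that hardware fails) written out as an added example; this is not code from the thread or from the TCPA specs, and the hardware serial, recovery phrase and on-disk header layout are constructed assumptions. TCPA/TPM sealing does the equivalent of the `hw_slot` in silicon, with the platform state rather than a readable serial number as the secret.

```python
import os, hmac, hashlib

def hkdf(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF-SHA256 (RFC 5869): extract a PRK, then expand to `length` bytes."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm, counter = okm + block, counter + 1
    return okm[:length]

def wrap(kek: bytes, dek: bytes) -> bytes:
    """Encrypt-then-MAC key wrap: XOR with an HKDF keystream, then an HMAC tag."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(dek, hkdf(kek, nonce, b"stream", len(dek))))
    tag = hmac.new(hkdf(kek, nonce, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unwrap(kek: bytes, blob: bytes):
    """Return the DEK, or None when the KEK is wrong (tag mismatch)."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(hkdf(kek, nonce, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        return None
    return bytes(a ^ b for a, b in zip(ct, hkdf(kek, nonce, b"stream", len(ct))))

def seal_volume_key(hw_id: bytes, recovery_passphrase: bytes):
    """Random volume key, stored twice in an on-disk header: once under a KEK
    derived from the hardware value, once under a KEK derived from an offline
    recovery passphrase (the 'offline copy' for the hardware-failure case)."""
    dek, salt = os.urandom(32), os.urandom(16)
    hw_kek = hkdf(hw_id, salt, b"hw-kek")  # the salt alone, on the media, is useless
    rec_kek = hashlib.pbkdf2_hmac("sha256", recovery_passphrase, salt, 200_000)
    return dek, {"salt": salt, "hw_slot": wrap(hw_kek, dek), "rec_slot": wrap(rec_kek, dek)}

def open_volume_key(header: dict, hw_id: bytes = None, recovery_passphrase: bytes = None):
    """Try the hardware slot first; fall back to the recovery slot if one is given."""
    if hw_id is not None:
        dek = unwrap(hkdf(hw_id, header["salt"], b"hw-kek"), header["hw_slot"])
        if dek is not None:
            return dek
    if recovery_passphrase is not None:
        rec_kek = hashlib.pbkdf2_hmac("sha256", recovery_passphrase, header["salt"], 200_000)
        return unwrap(rec_kek, header["rec_slot"])
    return None

if __name__ == "__main__":
    # Constructed identifiers; a real boot loader would read a platform value instead.
    dek, hdr = seal_volume_key(b"cpu-serial-0001", b"offline recovery phrase")
    assert open_volume_key(hdr, hw_id=b"cpu-serial-0001") == dek
    assert open_volume_key(hdr, hw_id=b"cpu-serial-0002") is None  # CPU was replaced
    assert open_volume_key(hdr, hw_id=b"cpu-serial-0002", recovery_passphrase=b"offline recovery phrase") == dek
```

A replaced CPU yields a different KEK and the hardware slot fails closed; only the recovery passphrase kept off the machine still opens the volume, which is exactly the failure Frank jokes about.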