On Friday 20 February 2009 02:29:50 Jan Alsenz wrote: > So in the end (after boot) you have a bunch of PCR values, that represent > all the code and data, that was used to boot the system. If you have this > and are sure, that the current configuration is correct, you have a > reference value of the expected system state, which you can use for the > following: > - seal a key: > You can create a key with the TPM and "bind" it to specific values of > the > PCRs, so it only en/decrypts with it, if these values match. > You can encrypt any kind of data with this, but the only useful thing > for > boot is to encrypt a cryptographic key needed to further start the system.
Last year I implemented support for encrypted partitions in GRUB2 [1], which means that it can load kernels and ramdisks off encrypted partitions. TPM support in GRUB2 would allow the key to be stored in the TPM and only provided to GRUB once the system has checked that GRUB hasn't been tampered with. TPM can be used for good or for bad, but this is the case for everything involving cryptography. We don't refuse to use encryption algorithms because they could be used for DRM, so why should we refuse to use TPM? TPM has the potential to make Linux even more secure. Regards Michael [1] My work is yet to be merged into GRUB2. -- http://michael.gorven.za.net PGP Key ID 6612FE85 S/MIME Key ID AAF09E0E
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
