In any case, if your attacker is that determined to achieve their goal,
reverse engineering a small chip isn't going to stop them.
Reverse engineering the TPM chip is very costly. And I'm not going to
try to protect data from NSA or CIA or another three-letter agency.
On this you have to trust the manufacturer. Actually you can't know how
difficult reverse-engineering is before you do. And it's only a matter
of time before some crypto-hardware geek reverse-engineers it because he
was bored or a crypto-student does it because it gives him an excellent
diploma. This is quite possible because universities often have the
necessary equipment and diploma works are supposed to be long and
difficult. At this point reading a publication and using its results is
trivial. And look at reverse-engineered open-source drivers. It's just a
matter of obfuscation and we already know that it brings no security. If
you want to protect your keys, the only way is to physically protect
them, like putting concrete around the flash chip.
Regards
Vladimir 'phcoder' Serbinenko
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
http://lists.gnu.org/mailman/listinfo/grub-devel