On Wed, Aug 19, 2009 at 10:13 PM, Duboucher Thomas<tho...@duboucher.eu> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Vladimir 'phcoder' Serbinenko a écrit : >> Could you please avoid using abbreviations. It's already hard to read >> TPM specs because of their twisted terminology. If EKP is the key >> stored in the TPM then manufacturer can keep a copy of public or >> private key and nobody will notice. > > Sorry for the abbreviations. :| > According to the specs, the private endorsement key must not come out of > the TPM. Also, the pair has to be signed by the "manufacturer". If the > manufacturer is not trutworthy, he can squirt the keys and then have a > local copy of the pair. However, it's no use keeping this key since its > only use is to generate AIK (one-time key pairs that are used to > comunicate using HMAC). > There is a point in keeping them - remote atestation. Why do I need manufacturer to sign my key? >> By using this key you can prove manufacturer that you use the key he >> burned in device it controls which opens the bad doors. > > Well, like in any security system, you suppose the system itself is > secure ... which is not always the case, intentionnaly or not. Even if you're in an insecure prison you're still in a prison. > > It's not against my words. I was telling that a malicious manufacturer > can use a TPM to build a system where the BIOS is less likely to be > modified. And if on top of this he uses this to protect the operating > system ... These are use cases of TPM that _we_ don't want to see. Unfortunately it's the cases it's designed for. > >> If you have tokens why do you care if attacker has your passphrase. >> And just the keyboard input can contain a lot of valuable data itself. >> Why do you suppose that attacker can stole the laptop but not the token? > > I'm not making any supposition, I'm making all of them. And I'm trying > to reduce the different schemes an attacker could use. There is _always_ > a way to steal the secret. At least let's make it less likely to happen. > Without threat model we're speaking placebo.
-- Regards Vladimir 'phcoder' Serbinenko Personal git repository: http://repo.or.cz/w/grub2/phcoder.git _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
