Use of TPM chip for RNG?
leichter_jerrold at emc.com
Tue Jul 4 12:45:24 EDT 2006
| On 7/3/06, Leichter, Jerry <leichter_jerrold at emc.com> wrote:
| > You're damned if you do and damned if you don't. Would you want to use a
| > hardware RNG that was *not* inside a tamper-proof package - i.e., inside
| > of a package that allows someone to tamper with it?
|
| Yes. If someone has physical access to your equipment, they could
| compromise it. On the other hand, if you have access to it, you can
| establish a baseline and check it for changes.
This assumes an odd definition of "tamper-proof": I can't look inside,
but the bad guys can change it without my knowing. There are such
things around - all too many of them; your typical Windows PC, for
most people, is a great exemplar of the class - but no one describes
them as "tamper-proof". "Tamper-proof" means that *no one* can change
the thing. Obviously, this is a matter of degree, and "tamper-resistant"
is a much better description. But there are devices considered
"tamper-resistant" against very well-funded, very technologically
adept adversaries.
| I recall the book
| titled "Computer Security" by Carroll suggested taking polaroids of
| all your equipment, and from each window, and other even more paranoid
| things....
which is yet another issue, that of tamper-evident design. If your
design isn't tamper-evident - which again is a matter of degree -
it's unlikely your pictures will do you much good against even a
moderately sophisticated attacker. With physical access and no
tamper evidence, a couple of minutes with a USB stick is all that's
necessary to insert some rather nasty code, which you have little
hope of detecting, whether by physical or software means.
-- Jerry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com