TPM & disk crypto
Martin Hermanowski
lists at martin.hermanowski.name
Mon Oct 9 13:03:03 EDT 2006
Alexander Klimov schrieb:
> On Fri, 6 Oct 2006, Erik Tews wrote:
>
>>> And the TPM knows that your BIOS has not lied about the checksum of grub
>>> how?
>>>
>> The TPM does not know that the BIOS did not lie about the checksum of
>> grub or any other bios component.
>>
>> What you do is, you trust your TPM and your BIOS that they never lie to
>> you, because they are certified by the manufature of the system and the
>> tpm. (This is why it is called trusted computing)
>>
>
> IIUC, TPM is pointless for disk crypto: if your laptop is stolen the
> attacker can reflash BIOS and bypass TPM. Moreover, TPM is actually
> bad for disk crypto: without it you lose your data only if your HDD
> dies, now you lose your data if your HDD dies *or* if you motherboard
> dies. If the user is not experienced in BIOS reflashing, they also
> lose their data if OS crashes and refuses to boot (not uncommon for
> some common OSes).
>
>
There is a great risk of data loss if the TPM protection is badly
implemented. You can, however, store an encrypted key in your (not
encrypted) hard disk, and save the decryption key both inside the TPM
(bound to valid bios/boot loader/Kernel/OS PCR values) *and* in a second
place for emergency recovery (like a memory stick in a safe).
This way, the data on the hard disk can only be decrypted, if the
unaltered operating system is used - the TPM will not decrypt the bound
data if the system state changed. Of course, after reflashing your bios,
you need to use your second key credential (once).
--
Martin Hermanowski
http://martin.hermanowski.name
https://www.openbc.com/hp/Martin_Hermanowski/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20061009/96366164/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20061009/96366164/attachment.pgp>
More information about the cryptography
mailing list