TPM & disk crypto
James A. Donald
jamesd at echeque.com
Tue Oct 10 00:40:26 EDT 2006
--
Kuehn, Ulrich wrote:
> However, this is the big problem with the TPM
> according to the TCG spec. While you can remotely
> verify that the system came up according to what you
> installed there, you have no means to force it to
> either come up the way you want, or to be in a clear
> error state. That is the huge difference between the
> verifiable booting the TPM provides and secure
> booting, which would run only predetermined software.
>
> I assume that the TCG chose not to implement the
> latter due to fear of public bashing...
What we want is that a bank client can prove to the bank
it is the real client, and not trojaned. What the evil
guys at RIAA want is that their music player can prove
it is their real music player, and not hacked by the end
user. Having a system that will only boot up in a known
state is going to lead to legions of unhappy customers
who find their system does not come up at all.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
mzJSAlA4uoeaqcIPwxmdSTaMGpCr10BSXet2rKo+
4C0qq8mGmz37gK89YinlEpVVumD1TtkcDOd8iHHGh
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list