TPM & disk crypto

Alexander Klimov alserkli at inbox.ru
Tue Oct 10 11:42:57 EDT 2006


On Mon, 9 Oct 2006 kkursawe at esat.kuleuven.ac.be wrote:
> > IIUC, TPM is pointless for disk crypto: if your laptop is stolen the
> > attacker can reflash BIOS and bypass TPM.
>
> According to TCG Specification, the first part of the BIOS (called
> Core Root of Trust for Measurement) should be non-flashable; this
> part then checksums the rest of the BIOS, option ROMs etc. and
> reports those to the TPM. I don't know how this is done in devices
> currently sold, but at least it should not be trivial to reprogram
> that part of the BIOS.

Even if the BIOS is real ROM, there are still some inter-chip links
between ROM, CPU, and TPM, so it seems possible for an attacker with
an iron and FPGAs to trick the TPM into revealing the secret. That is,
against a highly-motivated attacker a TPM does not really give more
protection than truecrypt, but for a casual attacker (who is just
curious what is on a stolen laptop) even truecrypt is enough.

-- 
Regards,
ASK

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
