TPM & disk crypto

Erik Tews erik at debian.franken.de
Fri Oct 13 09:19:45 EDT 2006


On Thursday, 12.10.2006, at 14:31 -0400, Ivan Krstić wrote:
> Kuehn, Ulrich wrote:
> > Who is "we"? In the case of my own system I paid for (so speaking
> > for myself) I would like to have such a mechanism to have the system
> > prove to me before login that it is not tampered with. The TCG
> > approach does not provide this. 
> 
> What does "prove" mean here? Does having a hash of the system state for
> visual inspection before boot do it?

The problem is, just displaying anything like a hash value won't help.
You will need a second device to do an RPA. This device could be a much
smaller one, at least in theory, something like a mobile phone or a PDA
would be sufficient.