[Cryptography] Cheap forensic recorder

Phillip Hallam-Baker phill at hallambaker.com
Wed Mar 4 11:47:40 EST 2015

On Wed, Mar 4, 2015 at 11:03 AM, Arnold Reinhold <agr at me.com> wrote:

> On Mar 2, 2015, at 10:33 PM, Emin Gün Sirer <el33th4x0r at gmail.com> wrote:
> > On Mon, Mar 2, 2015 at 10:29 PM, Arnold Reinhold <agr at me.com> wrote:
> > > More generally, I think the way to approach “nothing up my sleeves”
> > > hardware is to move down in complexity, not up. I’d like to see a series of
> > > small security devices based on minimalist processors. We’ve talked about
> > > HRNGs in the past. How about a small device that did nothing but compute
> > > the hash of the contents of an SD card?
> >
> > Ironically, you're describing a TPM platform.
> >
> Perhaps in terms of functionality, but not in terms of trust model. TPMs,
> as I understand them, are opaque black boxes. We have to trust the
> manufacturers for their content. That works fine in a wide swath of
> corporate security applications, where policy must be asserted and
> maintained over many machines and users. But I don’t see how TPMs help
> individual practitioners who seek complete control of their computing
> environment.

My machine works exactly the same regardless of whether the module is
plugged in or not. So how is it protecting me? Like firewalls, I worry that
TPMs risk becoming a +5 amulet of protection against the undead rather than
being understood as a tool that has a very specific purpose.

> Some might say the Thompson “Trusting Trust” paper makes that goal
> unattainable, but I’m not convinced. Thompson assumed a fixed target that
> code hidden in the compiler attacks.

Thompson was provoking an argument. He never argued that the problems were
impossible to solve.

Security is risk control, not risk elimination. What I am looking to do
here is to see if we can work out how to apply parts of what we applied when
setting up the original VeriSign PKI to a wider field. The VeriSign
approach is documented in the CPS so I am not divulging proprietary
information and in any case Symantec came to CABForum to share the same
with the CA world in general.

In particular, I like the use of ceremonies to formalize process.
[Something Carl Ellison has also said a lot of useful stuff on]

I want to look for ways to make collection of digital forensic evidence as
airtight as possible without introducing unreasonable expense or requiring
exceptional expertise or special hardware.

The reason I am starting with a Raspberry Pi 2 is that it is a very simple
device with minimal moving parts that boots from removable media. But if a
case involved a specific brand of computer such as Windows or Mac, I would
want to have a protocol and a ceremony that covers that eventuality as
well. [Windows for Raspberry Pi is also very interesting of course].

Extending to Beaglebone and using devices of one type to cross check
another seems like an excellent move as well.

> In large systems it might even be possible to hide a large code blob that
> figures out what is going on and devises an attack. But by moving down in
> the complexity chain instead of up, it becomes harder to hide a smart evil
> code blob. Using a variety of microprocessor architectures and software
> sources, makes the Thompson attack even more difficult.

There are some very small and constrained builds for Raspberry Pi. Console
only O/S etc. Those would also be very interesting to look at.

> My approach is an ecosystem of simple devices made from inexpensive off
> the shelf components with wide availability and limited capabilities that
> solve specific problems, in this case just verifying the hash on an SD
> card. Each problem in the trust chain, e.g. where does one get the known
> good hash value, can be dealt with separately.
> Maybe there is a different approach to “nothing up my sleeves” control of
> computing using TPMs. If so I’d be interested in hearing how it might work.

My understanding is that TPMs are limited to a very small set of functions
such as ensuring that private keys generated on the device can't be
exported or become visible to a program that might export them.

Also TPMs and trusted boot are two different things.