[Cryptography] Millions of high-security crypto keys crippled by newly discovered flaw

Darren Moffat darren at nessieroo.com
Sat Oct 21 04:38:10 EDT 2017

HP and Intel contributed code to OpenStack that uses the TPM for Nova
Compute node attestation that those nodes are configured appropriately.
This is then used as input to the Nova VM placement scheduler; it is, I
believe, also possible to mark a VM flavour as required to be placed on an
attested Nova Compute node.

I'm not convinced TPM was at all necessary for this case, nor is it
addressing enough issues (what if the system gets compromised after the
attestation step?).

