[Novalug] encryption at rest on a virtual server for a virtual drive

Derek LaHousse dlahouss@mtu.edu
Wed Sep 11 16:26:07 EDT 2013


Doctor, that's not a TPM.  That's a BIOS storing a password in an
EEPROM, and reading it out in plaintext to do a bytewise compare.  A
TPM would rather take data in from the processor, then take a sealed
file (previously encrypted by the TPM), and if the state were right,
return the contents of that file.  At which point, you have the key
for the drive if you captured it on the wire.

On Wed, Sep 11, 2013 at 3:42 PM, The Doctor <drwho@virtadpt.net> wrote:
> On 09/11/2013 01:58 PM, Derek LaHousse wrote:
>> Doc, your links and your example (unlocked laptops at the Space)
>> do not agree.  I'd think the fastest way to "unlock" a donated
>> laptop would be to reinstall.  Bam, what was once a Windows
>> computer is now useful.
>
> Also, this:
>
> http://www.ja.axxs.net/t43_t43p.htm
>
> The process was not the same, no, but the point I was getting at was
> that it is indeed possible to use hardware attacks to bypass
> on-mainboard TPM.
>
> --
> The Doctor [412/724/301/703] [ZS]
> Developer, Project Byzantium: http://project-byzantium.org/
>
> PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F  DD89 3BD8 FF2B 807B 17C1
> WWW: https://drwho.virtadpt.net/
>
> "CATS.  CATS ARE NICE." --Death, _Sourcery_
>
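As an added illustration of the distinction Derek draws above (example code written for this page, not code from the thread or from any real TPM stack): a stdlib-only Python toy in which the BIOS-style check stores and bytewise-compares the secret itself, while the TPM-style seal encrypts the secret under a key that never leaves the chip, binds it to PCR state, and releases it only when the measured state matches. The PCR indices, measurement strings and the HMAC-based sealing construction are assumptions of the toy.

```python
import hashlib
import hmac
import os

PCR_COUNT = 24

class BiosPassword:
    """EEPROM model from the thread: the secret itself is stored and compared
    bytewise, so reading the chip yields the secret directly."""
    def __init__(self, password: bytes):
        self.eeprom = password  # readable by anyone holding the chip

    def check(self, entered: bytes) -> bool:
        return self.eeprom == entered

class ToyTpm:
    """TPM-style sealing: the secret is encrypted under a key that never leaves
    the chip and bound to the PCR values at sealing time. Assumed construction
    (HMAC-derived pad plus HMAC tag, stdlib only); a toy, not a real TPM."""
    def __init__(self):
        self._srk = os.urandom(32)  # storage root key, internal to the chip
        self.pcrs = [bytes(32)] * PCR_COUNT

    def extend(self, index: int, measurement: bytes) -> None:
        # PCR extend: new = H(old || measurement); state cannot be rolled back
        self.pcrs[index] = hashlib.sha256(self.pcrs[index] + measurement).digest()

    def _policy(self, selection) -> bytes:
        return hashlib.sha256(b"".join(self.pcrs[i] for i in selection)).digest()

    def _prf(self, label: bytes, *parts: bytes) -> bytes:
        return hmac.new(self._srk, label + b"".join(parts), hashlib.sha256).digest()

    def seal(self, secret: bytes, selection) -> dict:
        if len(secret) > 32:
            raise ValueError("toy seals at most 32 bytes")
        nonce, policy = os.urandom(16), self._policy(selection)
        pad = self._prf(b"enc", nonce, policy)
        ct = bytes(a ^ b for a, b in zip(secret, pad))
        tag = self._prf(b"mac", nonce, policy, ct)
        return {"sel": tuple(selection), "nonce": nonce, "ct": ct, "tag": tag}

    def unseal(self, blob: dict):
        # Policy is recomputed from the *current* PCRs: a changed boot chain
        # gives a different policy, the tag check fails, nothing is released.
        policy = self._policy(blob["sel"])
        tag = self._prf(b"mac", blob["nonce"], policy, blob["ct"])
        if not hmac.compare_digest(tag, blob["tag"]):
            return None
        pad = self._prf(b"enc", blob["nonce"], policy)
        return bytes(a ^ b for a, b in zip(blob["ct"], pad))  # key leaves in the clear
```

The last line is the point of Derek's closing remark: a matching PCR state makes the TPM hand the plaintext disk key back over the bus, which is where a probe would see it.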
