Welcome to my blog.
Posts
-
Decorative Cryptography
All encryption is end-to-end, if you’re not picky about the ends.
config TCG_TPM2_HMAC bool "Use HMAC and encrypted transactions on the TPM bus" default n select CRYPTO_ECDH select CRYPTO_LIB_AESCFB select CRYPTO_LIB_SHA256 select CRYPTO_LIB_UTILS help Setting this causes us to deploy a scheme which uses request and response HMACs in addition to encryption for communicating with the TPM to prevent or detect bus snooping and interposer attacks (see tpm-security.rst). Saying Y here adds some encryption overhead to all kernel to TPM transactions.Last year, I came agross a Linux kernel feature called
TCG_TPM2_HMAC. It claims to detect or prevent active and passive interposer attackers. That’s one of my sleeper agent activation phrases, so I dug in. -
Attesting to the TPM's Firmware
Murphy’s Law says: Anything that can go wrong will go wrong. Unfortunately, TPMs fall into the category of “anything.”
-
BitLocker is Designed to Have This Problem
The purpose of a system is what it does 1. The purpose of BitLocker is to generate articles about interposer attacks.
sequenceDiagram participant host as Host system actor interposer as interposer participant tpm as TPM loop Boot host->>tpm: Measure some software into PCRs end host->>tpm: Load a sealed blob with PCR policy P host->>tpm: Satisfy P with PolicyPCR in policy session S1 note right of tpm: Assert that PCRs are as required by P rect rgb(255, 127, 127) host->>tpm: Unseal the key using S1 end note left of host: Decrypt disk and boot note right of interposer: Decrypt disk and
post on HackerNews -
The Brick Test
I’d like to propose a simple test for any definition of security success: the Brick Test.
-
TPM Carte Blanche-resistant Boot Attestation
-
TPM Carte Blanche
subscribe via RSS