Welcome to my blog.

Posts

• Mar 18, 2024

  Attesting to the TPM's Firmware

  

  Murphy’s Law says: Anything that can go wrong will go wrong. Unfortunately, TPMs fall into the category of “anything.”

• Feb 7, 2024

  BitLocker is Designed to Have This Problem

  The purpose of a system is what it does ¹. The purpose of BitLocker is to generate articles about interposer attacks.

  sequenceDiagram participant host as Host system actor interposer as interposer participant tpm as TPM loop Boot host->>tpm: Measure some software into PCRs end host->>tpm: Load a sealed blob with PCR policy P host->>tpm: Satisfy P with PolicyPCR in policy session S1 note right of tpm: Assert that PCRs are as required by P rect rgb(255, 127, 127) host->>tpm: Unseal the key using S1 end note left of host: Decrypt disk and boot note right of interposer: Decrypt disk and
  post on HackerNews

  1. https://en.wikipedia.org/wiki/The_purpose_of_a_system_is_what_it_does ↩

• Oct 1, 2023

  The Brick Test

  

  I’d like to propose a simple test for any definition of security success: the Brick Test.

• Oct 25, 2021

  TPM Carte Blanche-resistant Boot Attestation

  

• Oct 18, 2021

  TPM Carte Blanche

  

subscribe via RSS