[tor-talk] Integrity of platforms: Trusted Computing

Moritz Bartl moritz at torservers.net
Thu Jan 23 12:54:39 UTC 2014


On 01/22/2014 04:05 PM, Jan Reister wrote:
>> I'm wondering if, within the anonymity community, trusted computing
>> technologies haven't been evaluated properly for the value they could
>> provide in terms of operating system and application integrity.
> In terms of security, the developers of Qubes OS make use of TPM for
> their Anti Evil Maid functionality:
> http://qubes-os.org/trac/wiki/SystemRequirements
> http://theinvisiblethings.blogspot.it/2011/09/anti-evil-maid.html

Recommendation to watch: https://www.youtube.com/watch?v=pKeiKYA03eE
(https://www.defcon.org/images/defcon-21/dc-21-presentations/Selifonov/DEFCON-21-Selifonov-A-Password-is-Not-Enough-Why-Disk-Encryption-is-Broken.pdf)

"[...] By integrating AES new instructions, x86 debugging registers,
encrypted RAM, IOMMU, and the TPM into a combined encryption system, the
difficulty of executing a successful attack is raised significantly. We
will examine the construction of this system in detail, and, at a higher
level, the role of full disk encryption in assuring meaningful security
in the face of physical access. Source to an experimental version of the
system will be made available."

-- 
Moritz Bartl
https://www.torservers.net/
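Added illustration (not code from this message, from Qubes OS, or from the DEFCON talk) of the mechanism the Anti Evil Maid reference above relies on: a TPM extends boot measurements into a PCR as a one-way hash chain, and a secret sealed to the expected PCR value can only be unsealed if the same components booted. The simulation below stands in for the TPM: the PCR bank, the boot component lists, the secret, and the HMAC-based sealing key derivation are all constructed here; a real TPM keeps the sealing key inside the chip and enforces the PCR policy itself.

```python
import hashlib
import hmac

# Constructed boot chains: the second one has a modified bootloader, which is
# the kind of tampering a measured boot plus sealed secret is meant to expose.
GOOD_BOOT = [b"firmware-v1", b"bootloader-v1", b"kernel-v1"]
TAMPERED_BOOT = [b"firmware-v1", b"bootloader-modified", b"kernel-v1"]

# Constructed stand-ins for a TPM-internal key and a user-chosen secret
# (Anti Evil Maid shows the user a secret so they can recognise a good boot).
TPM_KEY = b"constructed-tpm-internal-key"
USER_SECRET = b"my secret phrase"   # must be <= 32 bytes for this toy seal


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM-style extend: new_pcr = H(old_pcr || H(measurement)).

    Because the chain is one-way, a component that was changed or booted in a
    different order cannot be 'patched over' by a later stage."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()


def measure_boot(components) -> bytes:
    """Start from an all-zero PCR and extend it with each boot component."""
    pcr = bytes(32)
    for component in components:
        pcr = pcr_extend(pcr, component)
    return pcr


def _seal_key(tpm_key: bytes, pcr: bytes) -> bytes:
    # Simulated PCR policy: the sealing key depends on the PCR value, so any
    # other boot state yields a different key and the blob will not open.
    return hmac.new(tpm_key, b"seal-to-pcr|" + pcr, hashlib.sha256).digest()


def seal(secret: bytes, expected_pcr: bytes, tpm_key: bytes) -> dict:
    """Bind a short secret to an expected PCR value (encrypt + authenticate)."""
    key = _seal_key(tpm_key, expected_pcr)
    ciphertext = bytes(s ^ k for s, k in zip(secret, key))
    tag = hmac.new(key, ciphertext, hashlib.sha256).digest()
    return {"ciphertext": ciphertext, "tag": tag}


def unseal(blob: dict, current_pcr: bytes, tpm_key: bytes):
    """Return the secret if the current PCR matches the one it was sealed to,
    otherwise None (the way a TPM refuses to unseal under a wrong policy)."""
    key = _seal_key(tpm_key, current_pcr)
    expected_tag = hmac.new(key, blob["ciphertext"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected_tag, blob["tag"]):
        return None
    return bytes(c ^ k for c, k in zip(blob["ciphertext"], key))


def demo():
    """Seal the secret to the known-good boot, then try both boot chains."""
    blob = seal(USER_SECRET, measure_boot(GOOD_BOOT), TPM_KEY)
    after_good_boot = unseal(blob, measure_boot(GOOD_BOOT), TPM_KEY)
    after_tampered_boot = unseal(blob, measure_boot(TAMPERED_BOOT), TPM_KEY)
    return after_good_boot, after_tampered_boot


if __name__ == "__main__":
    good, tampered = demo()
    print("good boot unsealed:", good)          # the user's secret
    print("tampered boot unsealed:", tampered)  # None: secret stays hidden
```

The point of the demonstration is the failure mode: after the tampered boot the user sees no secret, which is the signal that something in the boot path changed. The simulation does not cover the physical attacks (DMA, cold boot) that the linked DEFCON talk addresses with IOMMU and encrypted RAM on top of the TPM.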
