Thor Lancelot Simon <t...@rek.tjls.com> writes:
>On Sat, Mar 07, 2009 at 05:40:31AM +1300, Peter Gutmann wrote:
>> Given that, when I looked a couple of years ago, TPM support for
>> public/private-key stuff was rather hit-and-miss and in some cases seemed to
>> be entirely absent (so you could use the TPM to wrap and unwrap stored 
>> private
>> keys
>
>But this, itself, is valuable.  Given trivial support in the operating system
>kernel, it eliminates one of the most common key-theft attack vectors against
>webservers.

Kent would be the one to answer this definitively, but the docs on the web
page talk about using OpenSSL to change the password on the stored keys,
without (apparently) needing the TPM, which seems a bit odd.

In any case though, how big a deal is private-key theft from web servers?
What examples of real-world attacks are there where an attacker stole a
private key file from a web server, brute-forced the password for it, and then
did... well, what with it?  I don't mean what you could in theory do with it,
I mean which currently-being-exploited attack vector is this helping with?

This does seem like rather a halfway point to be in though, if you're not
worried about private-key theft from the server then do it in software, and if
you are then do the whole thing in hardware (there's quite a bit of this
around for SSL offload) rather than just one small corner of it.  If your
target market is "people who are worried about theft of private key files (but
not in-memory keys) from web servers and who don't want to use hardware to
protect them and who are running a server that actually has a TPM installed"
then I suspect you've limited your applicability somewhat...

Peter.


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com

Reply via email to