Assuming you have a secure kernel binary that is tamper proof, why do you need
slow and complex asymmetric encryption again? If you can write protect the
kernel,
you can also read protect it (or let the boot loader pass the key to the
kernel).
So what stops you from using a simple symmetric key cipher for signing?
In symmetric cryptography you would give away your key if one could read the
kernel binary
while in assymetric one can only get the public key
Protecting a TripleDES key in high security standards is not as simple as making the kernel read protected, you need a whole lot and
that also means hardware (cryptomemories e.t.c)
So you forget about all this overhead when you use assymetric
Also this is the way this is done in all implementations ranging from Linux platforms (see [EMAIL PROTECTED] for an example, or in
Debian, Fedora) and in Microsoft platforms as far as i know
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
