Indan Zupancic wrote:
Protecting a TripleDES key in high security standards is not as simple as
making the kernel
read protected, you need a whole lot and that also means hardware
(cryptomemories e.t.c)
So you forget about all this overhead when you use assymetric
You need to protect your kernel binary already, adding a key to that doesn't
increase the
complexity or safety requirements, so all that hardware safety is already in
place.
(And I'd use AES instead of TripleDES.)
Well, lets assume you have a trapped casing that prevents a flash chip
(which holds
the kernel) from being tamperred. Then you have write protection of the
bzimage
When this thing will run, and it will need to check an executable using
AES for example
(which is a lot better than TripleDes, i agree) then the key will be for
a time window
onto buses and memory. Then it can be probed and retrieved by someone.
Then you need cryptomemory
While with asymmetric you don't. There are no high-risk data anywhere,
only a public
key
Of course if you have other data that need to be secured, and you
already run
on a trusted platform, including all these crypto hardware modules, then
you can use
a symmetric scheme
Tasos Parisinos
-
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
