On Mon, 8 May 2006, Michael Halcrow wrote:
> On Mon, May 08, 2006 at 09:41:49PM +0000, Jason Holt wrote:
> > You're talking about multiple machines being able to decrypt, so is
> > it a shared secret across the machines?
>
> Yes -- a shared private key, but that key is only available to the
> operating environment of each machine when the machine is booted in a
> trusted manner. A set of machines are certified as appropriate for
> handling trade secrets, set up with a secure operating environment
> (including auditing, MAC, and so forth), and then data is
> transparently accessible on only those machines. Additional secrets
> protecting the data (i.e., passphrases) can narrow down access to a
> subset of users of that set of machines (providing a convenient means
> of two-factor authentication).

Okay, I think I'm starting to get it. So let's say there are two machines with TPM modules and freshly installed OSes, and that we ignore the passphrase issue for the moment (since it doesn't seem to add much to the TPM example). I generate a keypair on one machine, and then somehow send the private key to the other? Then when I create my ciphertext, it gets encrypted against the public key, right?

If I didn't have TPM, I could still do all that, but you're talking about the TPM ensuring that not only does the machine *have* the private key, but that the machine is in a certain state. So it saves us from an attacker who has the ciphertext *and* access to one of the machines, but who can't log in as me or otherwise convince the OS to ask the TPM for the key (or is it just decryption of the ciphertext?)? Are there any other attacks it prevents?

                                                        -J
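An added toy model of the scheme the two posts describe (not code from either poster, and not a real TPM API): each machine's chip seals the shared key to the PCR value produced by a trusted boot chain, so a machine booted with any other kernel, or a blob lifted from a different chip, gets nothing back. The `ToyTpm` class, the HMAC-based keystream standing in for a real cipher, and the boot-stage strings are all constructed for this example.

```python
import hashlib, hmac, os

def pcr_extend(pcr, measurement):
    """TPM 1.2-style PCR extend: SHA-1 over old value || SHA-1(measurement)."""
    return hashlib.sha1(pcr + hashlib.sha1(measurement).digest()).digest()

def measured_boot(stages):
    """Fold each boot stage (firmware, bootloader, kernel, ...) into one PCR value."""
    pcr = bytes(20)
    for s in stages:
        pcr = pcr_extend(pcr, s)
    return pcr

def _keystream_xor(key, nonce, data):
    """Stand-in for a real cipher: XOR with an HMAC-SHA256 counter keystream."""
    ks = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

class ToyTpm:
    """One chip per machine; its storage root key (SRK) never leaves it."""
    def __init__(self):
        self.srk, self.pcr = os.urandom(32), bytes(20)
    def seal(self, secret, expected_pcr):
        # Blob key depends on the SRK *and* the PCR value the secret is bound to.
        k = hmac.new(self.srk, expected_pcr, hashlib.sha256).digest()
        nonce = os.urandom(16)
        ct = _keystream_xor(k, nonce, secret)
        tag = hmac.new(k, nonce + ct, hashlib.sha256).digest()
        return expected_pcr + nonce + ct + tag
    def unseal(self, blob):
        expected, nonce, ct, tag = blob[:20], blob[20:36], blob[36:-32], blob[-32:]
        if not hmac.compare_digest(expected, self.pcr):
            raise PermissionError("PCR mismatch: machine is not in the sealed-to state")
        k = hmac.new(self.srk, expected, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, hmac.new(k, nonce + ct, hashlib.sha256).digest()):
            raise PermissionError("blob was sealed by a different TPM")
        return _keystream_xor(k, nonce, ct)

TRUSTED_CHAIN = [b"firmware-v1", b"bootloader-v1", b"kernel-v1"]  # constructed sample
def provision(tpm, shared_key):
    """Certify a machine: seal the shared key to the trusted boot measurement."""
    return tpm.seal(shared_key, measured_boot(TRUSTED_CHAIN))

def try_unseal(tpm, blob, booted_stages):
    """Boot with the given stages, then ask the chip for the key (None if it refuses)."""
    tpm.pcr = measured_boot(booted_stages)
    try:
        return tpm.unseal(blob)
    except PermissionError:
        return None
```

The shared key still has to be provisioned into each certified machine out of band and sealed there separately, because the SRK is per chip; what the TPM adds is that the copy on disk is useless to anyone who boots the machine into a different state.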

/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/
