-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Benno: > On Fri Apr 28, 2006 at 20:18:15 +1000, Malcolm V wrote: > >On Friday 28 April 2006 19:55, Adam Bogacki wrote: > ><snipped> > >> http://www.theregister.co.uk/2006/04/27/schneier_infosec/ > > > >Call me cynical (or stupid), but software cannot offer hardware based > >encryption. Sure, a piece of software can make use of hardware based > >features, as can other pieces of software. > > No, I'll just call you smarter than John Leydon :). > > BitLocker is software. It uses the TPM hardware to verify the boot > process. (I'm trying to get more information on that.)
There's an awful lot of manufacturers selling "hardware RAID" cards that have nothing on the card except a CPU and and EEPROM. Usually not a terribly fast CPU (after all RAID-5 requirements are not much more than basic block handling and a fast parity algorithm). Yes I'm looking at you Compaq... and you too IBM. Getting back to the topic, I believe that it is possible for a system to detect whether it has been chain-loaded from some other bootloader and then refuse to run if it detects this. The system only works off the officially sanctioned bootloader and this bootloader never boots anything else -- no more dual boot. Probably makes it harder to use MS libraries in wine, also might kill Xen, VMware and all those handy tools that give you a chance to make a few MS-Windows licenses go a long way... Suppose (for example) that any piece of hardware on the system contains consistent (but unknown) state at boot time and will have this state shuffled by the boot process (e.g. a CRC of the boot sector plus some secret internal machine ID). Further suppose that such hardware allows you to perform cryptographic operations based on the hardware state but did not allow you to discover what the state was. You could now use this hardware to encrypt the hard drive in such a way that another system would have great difficulty emulating the process (booting the other system always corrupts the hardware state and not enough internal information is available to emulate the device to rebuild the correct state). I would guess that TPM hardware contains the necessary ingredients. Does this give any better security than a well-known encryption algorithm (e.g. AES) plus a passphrase plus a key device (e.g. USB, etc)? No it doesn't, it is probably worse because if your motherboard chip dies you won't be able to recover your data on a different motherboard. That means you have to have an unencrypted backup which in turn becomes the weak point. This is all my supposition... with nothing other than gut feeling to back it up. I guess we will find out when the time comes. - Tel -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) iQIVAwUBRFLpi8fOVl0KFTApAQIG2A//UOfXY8qLxNRSd3w3/k8u28UMIHNuogle qXVgBqQs7Q5qF7cIYBh6ja07K8oyhEL0TrMXOrIUpa/eBXmkp07RA3rA6Dd1S1nJ rDQERdXzNqrSdE5fs/8yPBR2CORYRk3FZUXJ63ZP9Kzb2wIICFvOp6SCp8XS+gBX Qyup6H1n64aCQj/oIqefQpjjiAekrrSVDUWZ7xDC0JeGq+Zxm1hEYDKppeOpc4xc Ck0DczTmFZzJ98PDkm2R3Fd4L82sYHWXLjkfE6vDgww4aWmxfb8jt8xrjXVHfHwO pnkMUAzTH8nfreQE8FjpR4MHF9lI3XfpPXqQ/CrmuMXqX2+LL5Z6fKttXLhzxY3N yjrvOLcOn2QKHJzkJZD3c5KFnuzZEKtFchXsBGBgkiUfrPtvI2P8ILXjazM7qKLT o3/ZV/vjgrMis7FVqHoth25mtQ2Et4dyZq3m5QEpLZnFLtzioQHEfEZBaakveb5q 4JyuJO/DavrMd5TRtTf6uxgAVywWita4gGQfQuqnV4QG0qVRuxRhf9ci5inL/Dp0 JyO7dOmkCy7s9iLiilO6rG2kAGAR9PHv/Vh/tDZdK+Mmvr+EnR9TFZwDTd5cvJfm yrxqGBM6fPPYQn0FPNnebhiXm968Z4G3Y9Jv0OK/mQHSAQ218/p3cK9ycGhyLvPP k3vltYTPxTk= =vC6u -----END PGP SIGNATURE----- -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html