lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Tue, 9 Dec 2003 17:50:57 -0800
From: Eric Anderson <anderson@...uoregon.edu>
To: Craig Paterson <craigp@...pett.com>
Cc: "'jon schatz'" <jon@...isionbyzero.com>,
	David Brodbeck <DavidB@...l.interclean.com>,
	bugtraq@...urityfocus.com
Subject: Re: Dell BIOS DoS


On Dec 9, 2003, at 12:02 PM, Craig Paterson wrote:

> David Brodbeck wrote:
>
>> There is no such thing as security from someone who has physical 
>> access to
>> the hardware.
>>
>
> Alright, so this is a tangent, but: that is what encryption is for. 
> The whole basis of encryption assumes that the attacker has access to 
> the message (your data), but that without the appropriate keys you 
> can't usefully access it. No, this doesn't have much to do with the 
> value or otherwise of BIOS passwords, but it's often stated that 
> physical access renders all your data wide open, which isn't 
> necessarily the case.

I'll continue the tangent:  Encryption's great against an attacker who 
has physical access to the device holding your data, as long as they 
don't have physical access to the device holding your keys!   We can 
sort of separate hardware into:

Type 1.  Storage/transit parts which only handle encrypted data and 
never see the key.
Type 2.  Use/processing parts which operate on the unencrypted data, 
and thus need the key (or only deal with the plain text in the first 
place.)

The maxim then becomes "There is no such as security from someone who 
has physical access to the (type 2) hardware."

I would describe most of the "secure/trusted hardware" efforts that 
I've seen (such as the system Alexandros Papadopoulos mentioned) as 
trying to move as much of the system type 1 as possible, and make the 
type 2 bits user-inaccessible.   There are a few interesting things you 
can do with data without decrypting it at all (a pure type 1 
situation), but most applications require some type 2 bits.  The trick 
with a secure cryptographic coprocessor is that the exposed data bus 
can be type 1, with the type 2 operations happening somewhere inside.  
This would accomplish nothing against an attacker with absolute 
physical access who could read or change the voltage anywhere in the 
chip at any time.  But it does work against an attacker with "normal" 
physical access who can only observe or tamper with data on the chip's 
external interfaces.


--
Eric Anderson - anderson@...uoregon.edu
University of Oregon Network Security Research Lab
PGP fingerprints:
D3C5 D6FF EDED 9F1F C36D 53A3 74B7 53A6 3C74 5F12
9544 C724 CAF3 DC63 8CAB  5F30 68AE 5C63 B282 2D79

Download attachment "PGP.sig" of type "application/pgp-signature" (187 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ