Re: awareness + flexibility + security

[Michal Suchanek]

On 11/14/05, Jonathan S. Shapiro <address@hidden> wrote:
> On Sat, 2005-11-12 at 17:04 +0100, Michal Suchanek wrote:
>
> > That attestaion function is not really that strong. There are a few
> > registers for hashes, and these have to be actively filled by some
> > software.
> > So in case of GNU/Linux, the BIOS  would store its own checksum, the
> > checksums of  option roms (if any), the checksum of the bootsector,
> > and load it. Grub then would store its
> > checksum, checksums of the stages it loads, the kernel, the initrd, and 
> > load it.
> > You can later read these checksums. But what do they prove?
>
> First, you are missing a step: the checksum of grub is computed as it is
> loaded by the boot sector.

ok, they put quite a lot of stuff in that 500 (or haw many)bytes then :)
This leaves only the somewhat impractical option: replace the bios.

>
> Second: the cryptographic hash is computed **by the hardware**. You can
> certainly compute something else, but the hardware won't believe it.

Sure. But you **have to supply the data to the chip** somehow. It
cannot read it from the disk by itself. It even does not know where.
And since the hashes are weak (iirc sha1) you can generate data that
yields arbitrary checksum (you would have hard time fitting it into
the bootsector, though).

And I still do not see what the signed message containing the
checksums proves. There are way too many variants.

Thanks

Michal

--
             Support the freedom of music!
Maybe it's a weird genre  ..  but weird is *not* illegal.
Maybe next time they will send a special forces commando
to your picnic .. because they think you are weird.
 www.music-versus-guns.org  http://en.policejnistat.cz