grub-devel

Re: GRUB hardened boot framework


From: Robert Millan
Subject: Re: GRUB hardened boot framework
Date: Sat, 28 Feb 2009 00:08:51 +0100
User-agent: Mutt/1.5.18 (2008-05-17)

On Fri, Feb 27, 2009 at 11:55:55PM +0100, phcoder wrote:
>>
>> I'm no crypto expert, but I was under the impression that when the data is
>> encrypted, measurement comes "for free": if someone tampered it, you'd be
>> unable to decrypt.  Is this correct?
>>
> It's not. Encryption is a permutation
> E_{key,sector} (P) -> C
> which transforms plaintext P to ciphertext P. Without knowing
> the key an attacker still can reuse the values he has already seen (e.g.  
> if he has an image of FS at previous date).
> He can also replace the sector with anything. He can't predict to what  
> it will be decrypted but not to what it originally was

I stand corrected; but in that case, measurement can still be implemented
at the filesystem level?

-- 
Robert Millan

  The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and
  how) you may access your data; but nobody's threatening your freedom: we
  still allow you to remove your data and not access it at all."
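
The point in the quoted reply (a per-sector permutation decrypts replayed or overwritten sectors without complaint) and the follow-up about a separate measurement, as an added example that is not from the thread or from GRUB. A toy 4-round Feistel permutation built from HMAC-SHA256 stands in for the disk cipher; the MAC and the place its reference tag is stored are assumptions.

```python
import hashlib
import hmac
import os

HALF = 32  # toy sector = two 32-byte halves


def _f(key, sector, rnd, half):
    # Feistel round function; the sector number acts as the tweak.
    msg = sector.to_bytes(8, "big") + bytes([rnd]) + half
    return hmac.new(key, msg, hashlib.sha256).digest()


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_sector(key, sector, plaintext):
    left, right = plaintext[:HALF], plaintext[HALF:]
    for rnd in range(4):
        left, right = right, _xor(left, _f(key, sector, rnd, right))
    return left + right


def decrypt_sector(key, sector, ciphertext):
    left, right = ciphertext[:HALF], ciphertext[HALF:]
    for rnd in reversed(range(4)):
        left, right = _xor(right, _f(key, sector, rnd, left)), left
    return left + right


def sector_tag(mac_key, sector, ciphertext):
    # Separate measurement: a MAC over (sector number, ciphertext).
    return hmac.new(mac_key, sector.to_bytes(8, "big") + ciphertext, hashlib.sha256).digest()


def demo():
    key, mac_key = os.urandom(32), os.urandom(32)
    old = b"kernel=/vmlinuz-old".ljust(64, b"\0")  # constructed sample data
    new = b"kernel=/vmlinuz-new".ljust(64, b"\0")
    c_old = encrypt_sector(key, 7, old)  # state captured in an earlier disk image
    c_new = encrypt_sector(key, 7, new)  # current, legitimate state
    trusted = sector_tag(mac_key, 7, c_new)  # assumed stored outside the encrypted volume
    junk = os.urandom(64)  # sector overwritten with arbitrary bytes
    return {
        "replay_decrypts_to_old": decrypt_sector(key, 7, c_old) == old,
        "junk_decrypts_silently": len(decrypt_sector(key, 7, junk)) == 64,
        "tag_rejects_replay": not hmac.compare_digest(sector_tag(mac_key, 7, c_old), trusted),
        "tag_rejects_junk": not hmac.compare_digest(sector_tag(mac_key, 7, junk), trusted),
        "tag_accepts_current": hmac.compare_digest(sector_tag(mac_key, 7, c_new), trusted),
    }
```

The tag only catches a rollback if the reference value cannot be rolled back along with the sector, which is why it is modelled here as living outside the encrypted volume.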



