Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for May 23, 2013
An "enum" for Python 3
An unexpected perf feature
LWN.net Weekly Edition for May 16, 2013
A look at the PyPy 2.0 release
Reiner Sailer <firstname.lastname@example.org> on the LKML has said
"You retrieve not only the measurement list from a system (kernel) but also
a signature over the TPM PCR holding the integrity value. Nonces
(random numbers) are used to protect against replay of old signed TPM PCR
contents by the kernel. Since PCR is signed inside the TPM together with
the nonce, corrupt system software can't cheat unnoticedly.". So it seems they have thought of replay attacks.
Doesn't do so much for remote verification
Posted May 28, 2005 19:09 UTC (Sat) by Ross (subscriber, #4065)
Thus the remote attestation feature can only be trusted when the system is
not compromized before running the trusted IMA module, which is a severe
limitation when you are talking about systems that people have physical
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds