Security Basics mailing list archives

Re: Hard disk Encryption


From: "Ali, Saqib" <docbook.xml () gmail com>
Date: Thu, 19 Apr 2007 12:52:45 -0700

I do not claim that every system that uses TPM is vulnerable to
hardware attacks. Imagine a laptop that has a TPM and uses
TrueCrypt with a USB key. Clearly, a hardware attack cannot
reveal the key stored on USB memory (if it was not lost together
with the laptop).

From this statement, I think you consider TPM to be a chip for merely
storing encryption keys. It is not. It is much more than that.
Remember, a TPM identifies a machine, whereas a PIN, password, USB
Key, or biometric identifies a user.

For a reasonably secure system you need both user identification and
machine identification. One cannot replace the other. For example, TPM
will prevent removing a HDD from one system, and trying to read it in
a different system. Simply using a PIN will not prevent that.
Similarly, by just using a TPM in a system, you can NOT get rid of
username/passwords.

I think we should close this discussion for right now, until an attack
can be demonstrated on the TPM itself, rather than improper
implementations of the technology.


Saqib Ali
http://www.quantumcrypto.de

