[cap-talk] remote attestation

Karp, Alan H alan.karp at hp.com
Thu Jan 5 12:17:06 EST 2006


Richard Uhtenwoldt wrote:
> 
> Let me interrupt again and point out again that soon there will
> be many millions of computers with the Trusted Computing technology.
> 
> And let me ask Alan Karp if he doubts that the combination of
> this technology and software written by competent security engineers
> would be unable to stop Bob and Carol from sharing their private
> keys.
> 
Those keys are used to sign certificates based on requests from outside
the TPM.  Those requests are validated using some sort of secret, such
as a passphrase, that can be shared.  It is still possible for Bob
and Carol to share their passphrases and impersonate each other even
though the private keys are safely locked away.  I believe the only way
to prevent such impersonation is if there is a trusted path to the TPM
from the network.

________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp
  