[144681] in cryptography@c2.net mail archive


Re: Unattended reboots (was Re: The clouds are not random enough)

daemon@ATHENA.MIT.EDU (Ali, Saqib)
Mon Aug 3 17:01:09 2009

In-Reply-To: <4A761A9D.6080106@strongauth.com>
Date: Mon, 3 Aug 2009 10:00:23 -0700
From: "Ali, Saqib" <docbook.xml@gmail.com>
To: Arshad Noor <arshad.noor@strongauth.com>
Cc: Jerry Leichter <leichter@lrw.com>, Cryptography <cryptography@metzdowd.com>

> If you (or anyone on this forum) know of technology that allows the
> application to gain access to the crypto-hardware after an unattended
> reboot - but can prevent an attacker from gaining access to those keys
> after compromising a legitimate ID on the machine

This is the conundrum of the decade. The TPMs etc. tie a
HDD to a server. This helps in cases where the HDDs are discarded w/o
proper destruction of data or are stolen. If you have a problem of
entire servers being stolen, then you have to worry about physical
security.

saqib
http://kawphi.blogspot.com

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
