2004-04-19 09:14:43 UTC
Hi John,
Thanks for your reply. Actually, maybe my question should rather be redirected to some TCG mailing-list (but I don't know any public one) ;-)
If I understand your answer correctly, you are telling me that PCRs by themselves are not necessarily secured (confidentiality, integrity), but that they are secured when somebody binds them to data using TPM_Seal or Unseal.
I don't totally agree... because
1/ I think that PCRs & the sealing mechanism are 'independent'. I mean, I could use PCRs and never seal anything... Couldn't I? Well, at least, it would make sense if the PCRs have integrity guaranteed.
2/ the specs of TCG do say that PCRs should be kept in the Protected Storage area. To me, this means they are encrypted and sealed (using the SRK some way or another). Unless my deduction is wrong...
Consequently,
- do you think I misunderstand TCG?
- if not, do you know if the TPM you used enforces this integrity for PCRs one way or another? Or do you, in the enforcer module, enforce this integrity?
Best regards,
Axelle.