On Wed, Jul 7, 2010 at 5:50 PM, chloé Fouquet <fouquet.chloe@gmail.com> wrote:

Is there a function that automatically verifies that the measurement log is right according to the integrity value of PCR 10? (The function would extend a PCR with all the measurements of the measurement log.)
Although verification of the log is done at the challenger end, where the PCR value is calculated based on the Measurement Log sent from the attested system, one can still do the same process locally (which does not seem to be of any use).

As far as I understand, based ONLY on the PCR 10 value one cannot verify the integrity state of the system if we do not take the SML into consideration, because even with the same stack and set of applications, different load sequences will result in different PCR 10 values.

What prevents me from creating a measurement log of my choice, extending a PCR whose value is initially 0 with these measurements, performing a quote of this PCR and then sending this quote and the measurement log to a person who wants to authenticate me? That way I would be able to create any measurement log, even if it doesn't correspond to my computer configuration...

There is a chain of trust right from the HW --> CRTM --> BIOS --> BootLoader --> OS (kernel) and then all the executables etc. loaded upon this stack. That is then added to PCR 10 as the boot aggregate, in addition to PCRs 0 to 9, which hold all the measurements taken during boot time.

So any misconfiguration/manipulation will be detected, as the PCR_QUOTE has the whole chain enclosed in it.



Linux-ima-user mailing list

Tamleek Ali,
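The challenger-side check the reply describes (replaying the measurement list into a PCR that starts at zero and comparing the result with the PCR 10 value carried in the quote), as an added example that is not code from this thread or from the IMA tools. The log lines are constructed, and the layout of the legacy "ima" template hash (sha1 over the 20-byte file digest followed by the pathname in a 256-byte zero-padded field) is assumed.

```python
import hashlib

PCR_LEN = 20      # SHA-1 digest length, as IMA used at the time of this thread
NAME_LEN = 256    # assumed: legacy "ima" template pads the pathname to 256 bytes

def template_hash(file_hash: bytes, path: str) -> bytes:
    """Template hash of the legacy 'ima' template (assumed layout):
    sha1(file digest || pathname zero-padded to NAME_LEN bytes)."""
    name = path.encode()[:NAME_LEN - 1].ljust(NAME_LEN, b"\0")
    return hashlib.sha1(file_hash + name).digest()

def make_entry(file_hash_hex: str, path: str) -> str:
    """Build one ascii_runtime_measurements line (constructed sample data)."""
    thash = template_hash(bytes.fromhex(file_hash_hex), path)
    return f"10 {thash.hex()} ima {file_hash_hex} {path}"

def parse(lines):
    """Yield (template hash, file hash, path) for each PCR 10 'ima' entry."""
    for line in lines:
        pcr, thash, tmpl, fhash, path = line.split(" ", 4)
        if pcr != "10" or tmpl != "ima":
            raise ValueError(f"unexpected entry: {line!r}")
        yield bytes.fromhex(thash), bytes.fromhex(fhash), path

def replay_pcr(lines) -> bytes:
    """PCR 10 starts at all zeros and is extended with each template hash
    in log order, so reordering entries yields a different value."""
    pcr = b"\0" * PCR_LEN
    for thash, _, _ in parse(lines):
        pcr = hashlib.sha1(pcr + thash).digest()
    return pcr

def verify_log(lines, quoted_pcr10: bytes) -> bool:
    """Every template hash must match its own fields (an edited entry fails
    here), and the replayed PCR must equal the PCR 10 value from the quote."""
    for thash, fhash, path in parse(lines):
        if template_hash(fhash, path) != thash:
            return False
    return replay_pcr(lines) == quoted_pcr10

# Constructed sample log: the digests are placeholder values, not real file hashes.
SAMPLE_LOG = [
    make_entry("a" * 40, "boot_aggregate"),
    make_entry("b" * 40, "/init"),
    make_entry("c" * 40, "/bin/sh"),
]

if __name__ == "__main__":
    pcr10 = replay_pcr(SAMPLE_LOG)   # stands in for the PCR 10 value a TPM quote would carry
    print("PCR 10:", pcr10.hex(), "log verifies:", verify_log(SAMPLE_LOG, pcr10))
```

The replay alone only proves the log and the PCR agree with each other; what ties them to the real machine is that the quote is signed by the TPM and the first entry is the boot aggregate over the boot-time PCRs, which a locally fabricated log cannot reproduce.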