Re: [TrouSerS-users] Can you set NON_MIGRATABLE after generating the keys?

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

On 11/14/2013 11:13 AM, Thomas Habets wrote:
> I generated some keys with:
>
> pkcs11-tool --module=/usr/lib/opencryptoki/libopencryptoki.so.0 \
>      --login --keypairgen -d 01 \
>      -a "$(whoami)@$(hostname --fqdn) key" \
>      --key-type rsa:2048
>
> But they are migratable. I can delete the on-disk key "backups" to try
> to prevent migration, but they have been stored on disk, so the TPM
> chip is no longer the sole keeper of secrets (or can be convinced to
> give up the keys). Deleting files on disk is hard. Especially with
> SSDs because of wear levelling.
>
> I'm hoping the answer isn't "you should have generated they keys differently"
> (by adding a flag, http://marc.info/?l=trousers-users&m=120326565102441),

I believe that the answer is, "You should have generated the key 
differently."

The encrypted part of the key blob holds an integrity hash.  If you flip 
a bit, the integrity check fails.

This is 'a good thing'.  If you could flip it one way, you could flip it 
the other way, making a key appear migratable, then migrate it to an 
insecure target.