Sven Eschenberg wrote: > What autheticity? grub's? > > The key will be stored by the firmware the same way the keys delivered > with it are stored, most probably. That's why I said, you'd have to trust > the firmware and that it can not easily be tampered with. > > I wanted to point out, that an attack on the bootloader itself is not > really the problem here, as you can sign it and use secure boot. > > But in turn we'd have to trust secure boot and the security of the > firmware in general. > > It is probably way easier though to manipulate the bootloader executeable, > as Arno pointed out, than using a JTAGGer and modify the firmware. Well, there are two concerns there, and the difficulty of using a JTAG debugger only addresses one. The other issue is that while GRUB2 is open-source and can be inspected for backdoors, the same is not generally true of firmware. Trinh, if you have the resources you may want to look into Coreboot with a signed (and verification-capable) U-Boot payload. That's what ChromeOS is using (although their U-Boot verification differs from and predates what went upstream), and provides a similar trust chain to Secure Boot using open-source components. That will restrict what hardware you can use, but if your use-case requires that kind of security it may be worth considering. _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
