On Thu, 26 Sep 2013, James Bottomley wrote:
> > could you please describe the exact scenario you think that the symmetric
> > keys aproach doesn't protect against, while the assymetric key aproach
> > does?
> >
> > The crucial points, which I believe make the symmetric key aproach work
> > (and I feel quite embarassed by the fact that I haven't realized this
> > initially when coming up with the assymetric keys aproach) are:
> >
> > - the kernel that is performing the actual resumption is trusted in the
> > secure boot model, i.e. you trust it to perform proper verification
> >
> > - potentially malicious userspace (which is what we are protecting against
> > -- malicious root creating fake hibernation image and issuing reboot)
> > doesn't have access to the symmetric key
>
> OK, so the scheme is to keep a symmetric key in BS that is passed into
> the kernel each time (effectively a secret key) for signing and
> validation?
Exactly.
> The only two problems I see are
>
> 1. The key isn't generational (any compromise obtains it). This
> can be fixed by using a set of keys generated on each boot and
> passing in both K_{N-1} and K_N
I think this could be easily made optional, leaving the user with choice
of faster or "safer" boot.
> 2. No external agency other than the next kernel can do the
> validation since the validating key has to be secret
This is true, but as you said, the relevance of this seems to be rather
questionable.
--
Jiri Kosina
SUSE Labs
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
