On Thu, 26 Sep 2013, James Bottomley wrote: > > could you please describe the exact scenario you think that the symmetric > > keys aproach doesn't protect against, while the assymetric key aproach > > does? > > > > The crucial points, which I believe make the symmetric key aproach work > > (and I feel quite embarassed by the fact that I haven't realized this > > initially when coming up with the assymetric keys aproach) are: > > > > - the kernel that is performing the actual resumption is trusted in the > > secure boot model, i.e. you trust it to perform proper verification > > > > - potentially malicious userspace (which is what we are protecting against > > -- malicious root creating fake hibernation image and issuing reboot) > > doesn't have access to the symmetric key > > OK, so the scheme is to keep a symmetric key in BS that is passed into > the kernel each time (effectively a secret key) for signing and > validation? Exactly. > The only two problems I see are > > 1. The key isn't generational (any compromise obtains it). This > can be fixed by using a set of keys generated on each boot and > passing in both K_{N-1} and K_N I think this could be easily made optional, leaving the user with choice of faster or "safer" boot. > 2. No external agency other than the next kernel can do the > validation since the validating key has to be secret This is true, but as you said, the relevance of this seems to be rather questionable. -- Jiri Kosina SUSE Labs -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html