Hi Stephen,
>>
>>
>> I am new to TCG. My understanding is that in SRTM BIOS itself is
>> assumed to be trustable. It’s not measured on a PC client during the
>> boot since it’s the first one being loaded and executed. But it forms
>> the basis of chain of trustable measurements. Is this correct?
>
>It is measured, but at least the initial component (e.g. BIOS boot
>block) can't be measured by an independent entity and thus must be trusted
>as the core root of trust for measurement (CRTM). The CRTM measures itself
>and the rest of BIOS among other things into PCR-0. In some
>implementations, the CRTM may be the entire BIOS; in others, it may be just
>the BIOS boot block.
>
>> What if my BIOS can’t be trusted? Can I still do remote attestation
>> of the PC client booted this way?
>
>Can you define what you mean by "can't be trusted"? What's your threat
>model? If you can't trust the static CRTM, then you should use DRTM instead,
>e.g. Intel TXT (actually, that's preferable in general if your hardware supports
>it). But even there you will have some residual vulnerability to SMM and thus
>a dependency on the BIOS until STMs are available.
>
[Li, David] My threat model has to assume an attacker can gain physical access to the
motherboard and reflash the BIOS. That's why I worry about using TPM to ensure a
trusted boot.
I am aware of TXT (not in a detailed way). But what's STM? Any pointers?
>--
>Stephen Smalley
>National Security Agency
_______________________________________________
Trusted-computing mailing list
Trusted-computing(a)lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/trusted-computing
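The PCR-0 extend chain Stephen describes, modelled in Python as an added example (not code from the thread or from any TPM stack); the firmware images, their digests and the verifier's golden value are constructed stand-ins. It also shows why, under David's threat model of a reflashed boot block, an SRTM quote on its own gives no assurance:

```python
import hashlib

PCR_SIZE = 20  # TPM 1.2 PCRs are 20-byte SHA-1 registers, all zero at reset

def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM extend: PCR_new = SHA1(PCR_old || SHA1(measured data)).
    Order matters and nothing can be un-extended, which is what makes
    PCR-0 a compact record of the whole SRTM chain."""
    return hashlib.sha1(pcr + hashlib.sha1(measurement).digest()).digest()

def replay_chain(images):
    """Replay an SRTM chain into PCR-0: the CRTM measures itself first,
    then the rest of the BIOS, as described in the thread."""
    pcr0 = bytes(PCR_SIZE)
    for image in images:
        pcr0 = pcr_extend(pcr0, image)
    return pcr0

# Constructed stand-ins for firmware images (not real BIOS code).
GOOD_CRTM = b"boot block v1 (constructed)"
GOOD_BIOS = b"main BIOS v1 (constructed)"
GOLDEN_PCR0 = replay_chain([GOOD_CRTM, GOOD_BIOS])  # verifier's reference value

def verify_quote(reported_pcr0: bytes) -> bool:
    """Remote verifier: accept only if the quoted PCR-0 equals the golden value."""
    return reported_pcr0 == GOLDEN_PCR0

def tampered_bios_detected() -> bool:
    """Intact CRTM, modified main BIOS: the chain diverges and the quote fails."""
    pcr0 = replay_chain([GOOD_CRTM, b"main BIOS v1 (constructed) + modification"])
    return not verify_quote(pcr0)

def reflashed_crtm_undetected() -> bool:
    """Reflashed CRTM (David's threat model): the CRTM measures itself, so a
    replaced boot block decides what gets extended. If it extends the digests
    of the original images rather than its own, PCR-0 equals the golden value
    and SRTM attestation cannot tell. This is the residual trust in the CRTM
    Stephen points out, and why a CPU-rooted DRTM (e.g. Intel TXT) is the
    answer when the static CRTM cannot be trusted."""
    pcr0 = bytes(PCR_SIZE)
    for digest in (hashlib.sha1(GOOD_CRTM).digest(), hashlib.sha1(GOOD_BIOS).digest()):
        pcr0 = hashlib.sha1(pcr0 + digest).digest()  # recorded, not measured
    return verify_quote(pcr0)

if __name__ == "__main__":
    print("golden PCR-0:", GOLDEN_PCR0.hex())
    print("tampered BIOS detected:", tampered_bios_detected())
    print("reflashed CRTM undetected:", reflashed_crtm_undetected())
```

Real platforms extend many more events into PCR-0 and a verifier replays the TCG event log against the quoted PCRs, but the trust argument is the same: the comparison is only meaningful if the component that recorded the first measurement is itself trusted.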