Rich Freeman on 10 Feb 2018 19:22:24 -0800

Re: [PLUG] plug Digest, Vol 159, Issue 16
On Sat, Feb 10, 2018 at 10:02 PM, brent timothy saner <brent.saner@gmail.com> wrote:
>
> it does not solve the problems that none of the other solutions can
> solve, which are:

IMO the TPM-based solution can solve most of this, at least within the PC itself (caveat below):

>
> - how do you prevent duplication of that data, either via a direct byte
> copy out somewhere or via some sort of screen capture

Within the PC the TPM-based solution would work by ensuring the key is only released when trusted software is running. The trusted software wouldn't have the ability to copy the data anywhere, and the screen contents would be protected as well within the computer hardware.

The viewer could be as simple as an initramfs containing the encrypted data, a PDF viewer and an X server, and a bit of scripting to glue it together (and virtually nothing else). The scripting prompts for a PIN and passes it to the TPM to retrieve the key(s) if the PIN is valid and the PCRs match. After the expiration time passes a script tells the kernel to poweroff. The PDF viewer would basically have no functionality other than scrolling around, and there would be no way for a user to run any software other than it.

The bootloader would store the kernel+initramfs hash in a PCR before executing it, so any modification to either would make the keys inaccessible. As far as I can tell trusted grub already supports this out of the box, so all you would need to do is build a minimal initramfs.

Now, pointing a camera at the screen is a different matter, and it is impossible to protect against this.

> - how do you have this data deleted after having been recalled in a way
> that cannot be thwarted

I already outlined the solution here. I still am not convinced the OP actually needs the data to be auto-deleted, but if it is necessary you just have a two part key and after the software retrieves the first part it instructs the TPM to delete it before retrieving the second part.
--
Rich
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
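The design Rich sketches above (bootloader measures kernel+initramfs into a PCR, the TPM releases the key only if the PIN is valid and the PCRs match, and a two-part key whose first half is deleted on first use) can be modelled end to end in a few dozen lines. The following is an added example, not code from the post or from any TPM or GRUB project: it is a pure-Python simulation of the TPM behaviour involved (extend-only PCRs, PCR+PIN-bound sealed blobs, a lockout counter), not real TPM commands. The PCR index, image contents, PIN and data key are constructed values; the `SimulatedTPM` class, `boot`, `provision` and `viewer_retrieve_key` are hypothetical names chosen for the illustration.

```python
import hashlib
import hmac
import secrets

PCR_BOOT = 4  # constructed choice: the PCR the simulated bootloader measures into


def sha256(*parts: bytes) -> bytes:
    h = hashlib.sha256()
    for p in parts:
        h.update(p)
    return h.digest()


class SimulatedTPM:
    """Toy model of the TPM properties the post relies on: PCRs that can only be
    extended (never written), sealed blobs released only when the PCR digest and
    the PIN both match, and a lockout after repeated bad PINs."""

    def __init__(self, num_pcrs: int = 8, lockout_threshold: int = 3):
        self.pcrs = [bytes(32)] * num_pcrs
        self.sealed = {}  # handle -> (policy_digest, pcr_indices, pin_hash, secret)
        self.failed_pins = 0
        self.lockout_threshold = lockout_threshold

    def power_cycle(self) -> None:
        # PCRs reset at power-on; sealed blobs and the lockout counter persist.
        self.pcrs = [bytes(32)] * len(self.pcrs)

    def extend(self, index: int, measurement: bytes) -> None:
        # PCR_new = H(PCR_old || H(measurement)): order-dependent and irreversible.
        self.pcrs[index] = sha256(self.pcrs[index], sha256(measurement))

    def policy_digest(self, indices) -> bytes:
        return sha256(*(self.pcrs[i] for i in indices))

    def seal(self, handle: str, secret: bytes, indices, pin: bytes) -> None:
        self.sealed[handle] = (self.policy_digest(indices), tuple(indices), sha256(pin), secret)

    def unseal(self, handle: str, pin: bytes, delete_after: bool = False) -> bytes:
        if self.failed_pins >= self.lockout_threshold:
            raise PermissionError("TPM in lockout")
        if handle not in self.sealed:
            raise LookupError("blob deleted")
        policy, indices, pin_hash, secret = self.sealed[handle]
        if not hmac.compare_digest(pin_hash, sha256(pin)):
            self.failed_pins += 1
            raise PermissionError("bad PIN")
        if not hmac.compare_digest(policy, self.policy_digest(indices)):
            raise PermissionError("PCR mismatch")
        if delete_after:
            del self.sealed[handle]  # one-shot blob: gone before the caller uses it
        return secret


def boot(tpm: SimulatedTPM, kernel: bytes, initramfs: bytes) -> None:
    """Simulated trusted bootloader: measure both images before 'executing' them."""
    tpm.extend(PCR_BOOT, kernel)
    tpm.extend(PCR_BOOT, initramfs)


def provision(tpm: SimulatedTPM, kernel: bytes, initramfs: bytes, pin: bytes, data_key: bytes) -> None:
    """Measure the trusted image, split the data key in two, and seal both halves
    to that measurement plus the PIN."""
    boot(tpm, kernel, initramfs)
    part1 = secrets.token_bytes(len(data_key))
    part2 = bytes(a ^ b for a, b in zip(data_key, part1))  # part1 XOR part2 == data_key
    tpm.seal("part1", part1, [PCR_BOOT], pin)
    tpm.seal("part2", part2, [PCR_BOOT], pin)


def viewer_retrieve_key(tpm: SimulatedTPM, pin: bytes) -> bytes:
    """What the initramfs script would do: read part 1 (deleting it as it is read),
    then part 2, and recombine. A later boot can never reassemble the key."""
    part1 = tpm.unseal("part1", pin, delete_after=True)
    part2 = tpm.unseal("part2", pin)
    return bytes(a ^ b for a, b in zip(part1, part2))


def attempt(tpm: SimulatedTPM, pin: bytes) -> str:
    """Report a retrieval outcome as a string so scenarios are easy to compare."""
    try:
        return "key:" + viewer_retrieve_key(tpm, pin).hex()
    except (PermissionError, LookupError) as e:
        return "denied:" + str(e)


def demo():
    """Walk through the scenarios the post describes; returns outcomes and the key."""
    tpm = SimulatedTPM()
    kernel, initramfs, pin = b"vmlinuz-trusted", b"initramfs-viewer", b"1234"
    data_key = bytes(range(32))  # constructed, fixed so the result is checkable
    provision(tpm, kernel, initramfs, pin, data_key)
    results = {}

    tpm.power_cycle()
    boot(tpm, kernel, b"initramfs-with-extra-tools")  # modified image: PCRs differ
    results["tampered_image"] = attempt(tpm, pin)

    tpm.power_cycle()
    boot(tpm, kernel, initramfs)                        # genuine image
    results["wrong_pin"] = attempt(tpm, b"0000")
    results["trusted_boot"] = attempt(tpm, pin)         # key released once

    tpm.power_cycle()
    boot(tpm, kernel, initramfs)                        # genuine image, second boot
    results["replay_after_delete"] = attempt(tpm, pin)  # part 1 is gone
    return results, data_key


if __name__ == "__main__":
    for name, outcome in demo()[0].items():
        print(f"{name:22s} {outcome}")
```

Two details carry the security argument. The policy digest is checked after the PIN but before the blob is deleted, so a tampered image cannot burn the one-shot half of the key, and only a genuine boot consumes it. And because `extend` chains hashes in order, an image that differs by a single byte, or the same images measured in a different order, produces a different PCR value and the TPM keeps the secret sealed.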