Collaborate Disseminate
I’ve got an Infineon SLB9670 TPM module connected to a BeagleBone Board. I would like to carry out RSA signature verification on the board by using the TPM as a key store (storing the public key). W.r.t the same I have the following questi… Continue reading Can I store an openssl generated public key on a TPM (2.0) device?
Let’s say I have to leave my computer unattended and turned off for a while with some strangers, is it possible for someone to clone my HDD and SSD data?
Continue reading What’s stopping someone from copying my HDD/SSD?
We are making a design/implementation for secured FOTA for IoT Devices. as there are two steps of it: transferring the signed image from server to device and secondly updating the image on target device after integrity check / handling rol… Continue reading secured transmission of signed firmware from OTA server to IoT Device
I understand that Root of Trust is necessary for implementing a secure boot on a device. Root of Trust is strong and trust worthy if this comes from hardware security elements like HSM/TPM/..
So for devices which are not having hardware se… Continue reading Secure boot for devices which don’t have hardware security element
Context
I’m working on the hardening of a Debian Bullseye box.
At the moment, every works perfectly: SecureBoot enabled, "Admin" password for BIOS set, every partitions except EFI one are ciphered with Luks, i flashed my own keys… Continue reading SecureBoot: PCR to use or not
I have an issue that has been puzzling me tegarding the TPM checks on my machine, and I cannot find much documentation about the checks a TPM exactly performs. The issue is the following;
I have a Lenovo Thinkpad that has secure-boot and b… Continue reading Does the TPM check the addition/removal of boot-entries
I have an ASUS laptop with Windows 10 that I want to factory reset. I used it for many years and did some torrenting with it in the past, so I wouldn’t be surprised if something went wrong when it comes to security. The steps I would follo… Continue reading Is factory reset enough to remove malware from laptop?
I am trying to understand how PKI is used to boot an ARM board.
The following image relates to BL1:
The booting steps state:
Also from:
The certificate used in step 1 appears to be a content certificate. In the diagram it suggests in co… Continue reading PKI Usage in Trusted Boot
Given how UEFI secure boot appears later than TPM, i had assumption that it provides advantages over TPM.
As i read into each, it appears to me that the TPM measurements to each stage would provide about the same level of integrity guarant… Continue reading Does (UEFI) secure boot provide security advantages over TPM measured boot?
The “BootHole” bug could allow cyberattackers to load malware, steal information and move laterally into corporate, OT ,IoT and home networks. Continue reading Billions of Devices Impacted by Secure Boot Bypass