Re: [PATCH] KEYS: asym_tpm: Switch to get_random_bytes()

From: Jarkko Sakkinen
Date: Tue Oct 08 2019 - 19:53:47 EST

Next message: Bjorn Andersson: "Re: [PATCH v2 0/2] Avoid regmap debugfs collisions in qcom llcc driver"
Previous message: Stephen Boyd: "[PATCH] ASoC: jz4740: Remove unused match variable"
In reply to: Jarkko Sakkinen: "Re: [PATCH] KEYS: asym_tpm: Switch to get_random_bytes()"
Next in thread: Pascal Van Leeuwen: "RE: [PATCH] KEYS: asym_tpm: Switch to get_random_bytes()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Oct 09, 2019 at 02:49:35AM +0300, Jarkko Sakkinen wrote:
> On Mon, Oct 07, 2019 at 06:13:01PM -0400, Ken Goldman wrote:
> > The TPM library specification states that the TPM must comply with NIST
> > SP800-90 A.
> >
> > https://trustedcomputinggroup.org/membership/certification/tpm-certified-products/
> >
> > shows that the TPMs get third party certification, Common Criteria EAL 4+.
> >
> > While it's theoretically possible that an attacker could compromise
> > both the TPM vendors and the evaluation agencies, we do have EAL 4+
> > assurance against both 1 and 2.
>
> Certifications do not equal to trust.

And for trusted keys the least trust solution is to do generation
with the kernel assets and sealing with TPM. With TEE the least
trust solution is equivalent.

Are you proposing that the kernel random number generation should
be removed? That would be my conclusion of this discussion if I
would agree any of this (I don't).

/Jarkko

Next message: Bjorn Andersson: "Re: [PATCH v2 0/2] Avoid regmap debugfs collisions in qcom llcc driver"
Previous message: Stephen Boyd: "[PATCH] ASoC: jz4740: Remove unused match variable"
In reply to: Jarkko Sakkinen: "Re: [PATCH] KEYS: asym_tpm: Switch to get_random_bytes()"
Next in thread: Pascal Van Leeuwen: "RE: [PATCH] KEYS: asym_tpm: Switch to get_random_bytes()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]