From: Mike Hearn <mike@plan99•net>
To: Wendell <w@grabhive•com>
Cc: Bitcoin Dev <bitcoin-development@lists•sourceforge.net>,
bitcoin-list@lists•sourceforge.net
Subject: Re: [Bitcoin-development] BitMail - p2p Email 0.1. beta
Date: Tue, 30 Jul 2013 14:12:51 +0200 [thread overview]
Message-ID: <CANEZrP0OYzz8p6zT_y7JGZyofZ=wTZ=6umCLu0AJy8KH6E0R5A@mail.gmail.com> (raw)
In-Reply-To: <7B0891A4-7163-43AE-85EC-8BA7ADC28A2A@grabhive.com>
[-- Attachment #1: Type: text/plain, Size: 2424 bytes --]
The TPM is a piece of secure* hardware that provides various cryptographic
services to the host system. It is important to understand that it is not a
crypto accelerator. It is a place to store keys and small pieces of data
(like hashes, counters) where it's difficult for someone to extract them
even if they have physical access.
The TPM is designed to support trusted computing, a rather splendid set of
extensions to the x86 architecture that let you do remote attestation,
software sealing and other things. Or at least it would be splendid if it
had been really finished off and pushed to completion by the designers.
Unfortunately due to various political issues it exists in a
quasi-finished, semi-broken state which only experts can use. Without a
doubt you have never run any software in a TC environment.
As part of that role, the TPM provides some permanent storage in the form
of NVRAM. Because the TPM is designed to be as cheap as possible, it has a
limited number of write cycles. Normally you're meant to store Intel TXT
launch control policies and sealed keys there, but Pond uses it in a
different way by storing keys there that it encrypts local data with. By
erasing the key in the TPM chips memory area, the data on disk is
effectively destroyed too.
This is useful because modern "disks" are often SSD drives, or physical
metal disks that use log structured file systems. Because flash memory has
a limited number of write cycles per cell, internally SSDs have firmware
that remap writes from logical addresses to different physical addresses,
the goal is to avoid wearing down the drive and extend its useful life.
Normally it doesn't matter, but if you want to delete data such that it's
really really gone, it obviously poses a problem. Using TPM NVRAM solves
it, albiet, at a high usability cost.
*note: actual tamper resistance of real-world TPM chips is not something
that seems to have been studied much
On Tue, Jul 30, 2013 at 1:27 PM, Wendell <w@grabhive•com> wrote:
> Can you explain this process for those of us not too familiar with TPM
> chips?
>
> -wendell
>
> grabhive.com | twitter.com/grabhive | gpg: 6C0C9411
>
> On Jul 30, 2013, at 10:40 AM, Mike Hearn wrote:
>
> > As a testament to the seriousness with which Pond takes forward
> security, it can use the NVRAM in a TPM chip to reliably destroy keys for
> data that an SSD device might have otherwise made un-erasable.
>
[-- Attachment #2: Type: text/html, Size: 3064 bytes --]
next prev parent reply other threads:[~2013-07-30 12:12 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-07-30 5:01 Randolph D.
2013-07-30 6:50 ` Gregory Maxwell
2013-07-30 8:40 ` Mike Hearn
2013-07-30 11:27 ` Wendell
2013-07-30 12:12 ` Mike Hearn [this message]
[not found] ` <CAD2Ti29=Lzcun+0Jz7zn2Dt9G2a06f-0V8KEBUMHJTGxhHQV0A@mail.gmail.com>
2013-07-30 22:17 ` [Bitcoin-development] [bitcoin-list] " Mike Hearn
[not found] ` <CAD2Ti29zbac5YrW6+oMvb=8t7b1A31XckyC-mH7_qixLCRnFaQ@mail.gmail.com>
[not found] ` <51F886F6.1090108@gmail.com>
2013-07-31 9:08 ` Mike Hearn
[not found] ` <20130731133104.GW29404@leitl.org>
[not found] ` <CANEZrP3J1+ATYSRcAcJgGtwcJE+XXKjFrdkP-bYQS7VbxKfV-g@mail.gmail.com>
2013-07-31 15:54 ` Mike Hearn
2013-07-31 16:11 ` [Bitcoin-development] " Randolph D.
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CANEZrP0OYzz8p6zT_y7JGZyofZ=wTZ=6umCLu0AJy8KH6E0R5A@mail.gmail.com' \
--to=mike@plan99$(echo .)net \
--cc=bitcoin-development@lists$(echo .)sourceforge.net \
--cc=bitcoin-list@lists$(echo .)sourceforge.net \
--cc=w@grabhive$(echo .)com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox