YoVDO

Securing TPM Secrets with TXT and Kernel Signatures

Offered By: Linux Foundation via YouTube

Tags

Cybersecurity Courses Data Protection Courses Linux Security Courses Secure Boot Courses UEFI Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a cutting-edge approach to securing TPM2 NVRAM data using Intel's TXT and tboot extensions for kernel signature verification in this 33-minute conference talk. Delve into the design and progress of a solution that aims to restrict access to TPM2-stored data exclusively to kernels signed by authorized entities while maintaining robustness during kernel upgrades and downgrades. Compare this innovative approach with existing solutions utilizing traditional TXT and UEFI Secure Boot, understanding their limitations in terms of protection and usability. Gain insights into the proposed solution, open issues, current status, and participate in a Q&A session covering topics such as kernel rollback and authorities.

Syllabus

Introduction
The Problem
Protecting TPM Secrets
Secure Boot
UEFI Secure Boot
Intel TXT
Lessons from TXT
Proposed Solution
Open Issues
Current Status
Questions
Kernel rollback
Authorities
Notes
Conclusion
Question


Taught by

Linux Foundation

Tags

Related Courses

Secrets Of The Motherboard - Shit My Chipset Says
44CON Information Security Conference via YouTube
Bootstrapping an Architectural Research Platform
Cooper via YouTube
Baring the System - New Vulnerabilities in SMM of Coreboot and UEFI Based Systems
Recon Conference via YouTube
Linux auf dem Desktop
media.ccc.de via YouTube
Breaking Firmware Trust From Pre-EFI - Exploiting Early Boot Phases
Black Hat via YouTube