Back To Schedule
Monday, August 19 • 2:30pm - 3:10pm
Securing TPM Secrets with TXT and Kernel Signatures - Paul Moore, Cisco*

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
This presentation will discuss a work in progress to secure data in the TPM2’s NVRAM using Intel’s TXT and extensions to tboot to support kernel signature verification. The ultimate goal being the ability to restrict access to TPM2 stored data to only those kernels which have been signed by an authorized entity while being robust in the face of kernel upgrades and downgrades.

The talk will discuss the design, and current progress, in the context of existing solutions using traditional TXT and UEFI Secure Boot; explaining why these solutions fall short either in terms of protection or usability.

avatar for Paul Moore

Paul Moore

Principal Software Engineer, Microsoft Corporation
Paul Moore has been involved in various Linux platform security efforts since 2004 at Hewlett-Packard, Red Hat, Cisco, and Microsoft. He currently maintains the Linux Security Module (LSM) layer as well as the SELinux, audit, and labeled networking subsystems in the Linux Kernel... Read More →

Monday August 19, 2019 2:30pm - 3:10pm PDT
Sapphire D
  Refereed Presentation
  • Session Slides Included Yes