Loading…
Monday, August 19 • 2:30pm - 3:10pm
Securing TPM Secrets with TXT and Kernel Signatures - Paul Moore, Cisco*

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
This presentation will discuss a work in progress to secure data in the TPM2’s NVRAM using Intel’s TXT and extensions to tboot to support kernel signature verification. The ultimate goal being the ability to restrict access to TPM2 stored data to only those kernels which have been signed by an authorized entity while being robust in the face of kernel upgrades and downgrades.

The talk will discuss the design, and current progress, in the context of existing solutions using traditional TXT and UEFI Secure Boot; explaining why these solutions fall short either in terms of protection or usability.

Speakers
avatar for Paul Moore

Paul Moore

Technical Leader, Cisco
Paul Moore has been involved in various Linux security efforts since 2004, at Hewlett-Packard, Red Hat, and Cisco. He currently maintains the SELinux, audit, and labeled networking subsystems in the Linux Kernel as well as the libseccomp userspace library.



Monday August 19, 2019 2:30pm - 3:10pm
Sapphire D
  • Session Slides Included Yes