Security Working Group meeting - Wednesday March 16 - results

Michael Richardson mcr at sandelman.ca
Thu Mar 17 06:45:31 AEDT 2022


Joseph Reynolds <jrey at linux.ibm.com> wrote:
    > We also discussed encrypting data like logs, and storing keys in a
    > vault / trust zone /  TPM.

Wouldn't it make most sense to encrypt them *to* an asymmetric (public) key that is
not on the BMC?   Or one can send them over encrypted syslog, or netconf to
another server for safe keeping.
Or are you thinking that you need to sign the logs?

If the key is stored locally, even in a TPM, and the point is to be able to
review logs locally, then the logs need to get decrypted, and that means that
the key needs to be enabled/opened/activated locally, and which point,
if there was a compromised system, the bad guy wins.

I guess I wonder what the goals are here.

    > See also encrypted volume https://github.com/openbmc/estoraged
    > <https://github.com/openbmc/estoraged>

Same issue: where is the key stored?

-- 
]               Never tell me the odds!                 | ipv6 mesh networks [ 
]   Michael Richardson, Sandelman Software Works        | network architect  [ 
]     mcr at sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [ 
	
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 658 bytes
Desc: not available
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20220316/4a1c89f3/attachment.sig>


More information about the openbmc mailing list