Security Basics mailing list archives
Re: Securing an encryption key within software.
From: "Saqib Ali" <docbook.xml () gmail com>
Date: Tue, 20 Jun 2006 13:32:14 -0700
Hello Christian,
As for using TPM - forget it. Shure, TPM would give you features to bind your software, or certain data, to one particular machine. But what in case of a hardware Failure? You would loose all your data, unless there are some ways to backup that stuff. I guess there have to be some ways to do that, but still - way too risky and complicated for my taste. But TPM is
Yup most vendors, that are shipping TPMs with their system, are also bundling solution for key escrow (PKI or otherwise) or some other method of key recovery. Dell systems, for e.g. is including Wave Sys' Security center. See: http://www.wavesys.com/products/esc.html -- Saqib Ali, CISSP, ISSAP Support http://www.capital-punishment.net ----------- "I fear, if I rebel against my Lord, the retribution of an Awful Day (The Day of Resurrection)" Al-Quran 6:15 -----------
Current thread:
- AW: Securing an encryption key within software. Christian . Assfalg (Jun 20)
- Re: Securing an encryption key within software. Saqib Ali (Jun 20)
- <Possible follow-ups>
- AW: Securing an encryption key within software. Christian . Assfalg (Jun 21)