Message-ID: <499F3FB9.9070304@gmail.com>
Date: Sat, 21 Feb 2009 00:41:45 +0100
From: phcoder
To: The development of GRUB 2
References: <499F25B0.8000202@gmail.com> <499F376C.60906@student.ethz.ch>
In-Reply-To: <499F376C.60906@student.ethz.ch>
Subject: Re: SHA-1 MBR

Hello

Jan Alsenz wrote:
> Hi!
>
> Wow, cool work!

Thanks

> It's not complete SHA-1, but the rest should be just a constant offset.

I already said how it differs from the standard one. If you feed padded, byteswapped data to it and then byteswap the result back, you obtain exactly normal SHA-1. But as I said, if the size is fixed it's completely equivalent in security to normal SHA-1 (you can easily prove formally that any successful attack on one variant immediately results in a successful attack on the other variant).

>
> But I'm still not sure, what you are trying to do here, is the MBR your root of
> trust?

I'm trying to achieve a universal verification scheme which is able to do what is needed to support tpm ("prolonging chain of trust" in tpm unstandard parlance) without using tpm itself. Such a scheme can in future be useful in other applications as well.

> If not, who checks the MBR?

This can't be done by grub because it happens before any part of grub is loaded. To verify grub you need to rely on vendor/platform-specific mechanisms.
I personally find "tpm without tpm" more attractive because it can be easily reused on another platform or any alternative to tpm (perhaps anybody here or coreboot folks will come up with something). Additionally it works around many bios and tpm bugs.
I will continue working on sha-1 boot. My goal is to load core.img checked. After that point there is much more space and any signature based solution can be used.

>
> Greets,
>
> Jan
>

Regards
Vladimir 'phcoder' Serbinenko
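
The relationship described in the message above between the boot-sector variant and standard SHA-1, as an added example (not part of the original message and not GRUB code). It assumes the variant differs from standard SHA-1 only by omitting the padding and by reading and writing 32-bit words in native little-endian order; the function names and the sample sector are constructed for illustration.

```python
import hashlib
import struct

IV = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0]

def rol(x, n):
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF

def compress(state, words):
    """SHA-1 compression function over sixteen 32-bit words (FIPS 180)."""
    w = list(words)
    for t in range(16, 80):
        w.append(rol(w[t - 3] ^ w[t - 8] ^ w[t - 14] ^ w[t - 16], 1))
    a, b, c, d, e = state
    for t in range(80):
        if t < 20:
            f, k = (b & c) | (~b & d), 0x5A827999
        elif t < 40:
            f, k = b ^ c ^ d, 0x6ED9EBA1
        elif t < 60:
            f, k = (b & c) | (b & d) | (c & d), 0x8F1BBCDC
        else:
            f, k = b ^ c ^ d, 0xCA62C1D6
        tmp = (rol(a, 5) + f + e + k + w[t]) & 0xFFFFFFFF
        a, b, c, d, e = tmp, a, rol(b, 30), c, d
    return [(s + v) & 0xFFFFFFFF for s, v in zip(state, (a, b, c, d, e))]

def variant_sha1(data):
    """Assumed variant: no padding, little-endian words in and out."""
    if len(data) % 64:
        raise ValueError("input must be a multiple of 64 bytes")
    state = IV
    for off in range(0, len(data), 64):
        state = compress(state, struct.unpack("<16I", data[off:off + 64]))
    return struct.pack("<5I", *state)

def pad(msg):
    """Standard SHA-1 padding: 0x80, zeros, 64-bit big-endian bit length."""
    zeros = b"\x00" * ((55 - len(msg)) % 64)
    return msg + b"\x80" + zeros + struct.pack(">Q", 8 * len(msg))

def byteswap32(data):
    """Reverse the byte order of every 32-bit word."""
    n = len(data) // 4
    return struct.pack("<%dI" % n, *struct.unpack(">%dI" % n, data))

def standard_via_variant(msg):
    """Pad, byteswap, run the variant, byteswap the result back."""
    return byteswap32(variant_sha1(byteswap32(pad(msg))))

SECTOR = bytes(range(256)) * 2  # constructed 512-byte stand-in for a sector
```

Running the variant directly on the fixed-size sector gives a different digest from standard SHA-1, while the pad-and-byteswap wrapper reproduces the standard digest exactly.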