Hindu Business Line on TPM and laptop security

Posted by Ken Y-N on June 3rd, 2008 at 01:39pm

Jagan Nathan Vaman looked at security issues surrounding laptops for the Hindu Business Line. According to a study (by whom is not mentioned) up to 80% of a company’s business data is on laptops, which is quite a scary figure, assuming it is correct. Therefore, protecting this data against loss is important.

The article looks at attacking disk encryption, in particular a recent attack by Princeton researchers whereby memory chips were frozen with a compressed air blast, then analysed to reveal encryption keys stuck in the ice, as it were. The article says:

This has proved that so-called Trusted Computing hardware, an industry standard approach heralded as significantly increasing the security of modern personal computers, does not appear to stop potential attacks.

The Trusted Computing Group (TCG) has posted a response to this attack (pdf) that highlights that this is not an attack on the Trusted Platform Module (TPM), but on standard PC memory once the decrypted data has left the device.

However, as the article points out, there are no practical ways in software to avoid this risk, as many solutions may degrade performance, for instance.

However, the article concluded that Full Disk Encryption solutions based around TCG specifications, where all the encoding and decoding happens within the drive firmware, as the best solution, as the encryption keys never appear in main memory.

Read the full article here.

Tags: hindu business line, princeton

Under TPM Tags: hindu business line, princeton