(securityonline.info)

658 points transpute | 2 comments | 06 May 23 17:39 UTC | HN request time: 0.931s | source

Show context

dathinab ◴[06 May 23 19:28 UTC] No.35844589[source]▶

I don't understand how such keys can leak?

Hasn't intel heard about locking keys in hardware, e.g. like with hardware security key modules similar but faster/flexibler then a TPM. Surly one of the main developers of TPM does understand that concept.... right? /s

replies(4): >>35844629 #>>35844632 #>>35844776 #>>35844793 #

1. XorNot ◴[06 May 23 19:47 UTC] No.35844776[source]▶

>>35844589 #

If it's a master key you can't run the business risk of losing access to it.

replies(1): >>35845263 #

2. dathinab ◴[06 May 23 20:51 UTC] No.35845263[source]▶

>>35844776 (TP) #

you don't have that risk

there are more then just one or two ways to not have that risk and still have HSK

best many of this solutions scale pretty much to any arbitrary company size

↑

Intel OEM Private Key Leak: A Blow to UEFI Secure Boot Security