Author Topic: Cryptographic web of trust  (Read 9271 times)

0 Members and 1 Guest are viewing this topic.

Offline bushing

  • Senior Member
  • Needs to get outside.
  • *****
  • Posts: 119
  • props to my peeps
Cryptographic web of trust
« on: June 01, 2005, 01:24:06 am »
I've seen a lot of speculation as to what needs to be signed and what doesn't, so I'd like to put my thoughts down, because I think that I can at least answer that question.

phatd checks signatures on the following files:

  • exec.ini [i believe]
  • all of the players it runs out of exec.ini
  • pkeys2.e
  • /dos/nmp3
  • stuff in the plugins directory that it runs [i believe]
  • /dos/aadec
  • /dos/hdparm
  • playlists it loads


51d verifies the following signatures:

  • firmware.pac
  • boot.pac
  • boot5.pac
  • hdparm
  • progpld
  • blank.bif
  • prog.bif
  • anything which it would then run due to a SHELL directive
  • swgrli
  • some other file, in a function called "check_replacement_prog"


That leaves the following unaccounted for (ie, with signatures, but I can't find anything that checks them):

  • 51d
  • linux
  • phatd
  • pkeysa
  • ramdisk
  • rc.sh


The keys to verify those signatures are presumably in pkeys2.e.

Linux is not verifying any signatures; neither is busybox.  You can confirm this yourself by checking the phatnoise-provided sources:

http://unix.phatnoise.com/src/linux-2.4.18-rmk3-crypt1-20041101.tar.gz

http://unix.phatnoise.com/src/busybox-0.52-pn1.tar.gz

Now, this presumably means that all of those signatues are being verified by the boot ROM, and being verified using a key contained in the boot rom itself -- otherwise, we could just stick our own key in pkey2 and resign all of the other files.  (I'm still working on finding a way to use their signatures to verify their own binaries, so we can prove they are real signatures).

(someday, I'll edit this with a real diagram...)
Ben

Offline judb

  • Administrator
  • Veteran.
  • *****
  • Posts: 1329
  • ph4t l3wtz
Re: Cryptographic web of trust
« Reply #1 on: June 01, 2005, 01:36:30 am »
I agree with your statements... I think we could either extract the key from memory using the JTAG interface or just replace the key if we could do it whole sale, unless the key is also stored on the drive itself in the magic sectors... hmmm

Offline bushing

  • Senior Member
  • Needs to get outside.
  • *****
  • Posts: 119
  • props to my peeps
Re: Cryptographic web of trust
« Reply #2 on: June 01, 2005, 03:12:47 am »
Quote
I agree with your statements... I think we could either extract the key from memory using the JTAG interface or just replace the key if we could do it whole sale, unless the key is also stored on the drive itself in the magic sectors... hmmm



In theory, if we could figure out how to do it, we could replace ALL of the keys EVERYWHERE with a different key, and be good to go.  We'll see what we can manage.

I ordered both a JTAG and a serial-level-converter cable, but I'm beginning to believe we will be able to extract the rom image through the serial port, using the boot rom jumper...

-b