Instead of running ssh-keygen I run a client program and tell the chip to generate my keys.
Interesting. So you would prefer to let an undocumented state-machine PRNG, seeded in an undocumented way from the TPMs NVRAM and (alledgedly) randomized with additional entropy input generate your keys?
I can only imagine you did not read the TPM specs. Some excerpts: 'Reporting of Integrity Metrics' of the TPM: ...
The corresponding public key (of a key pair)
is an identity key, since it is a cryptographic value by which the TPM is known. ... And here's the argument for using state-machine with appended SHA1 pseudo RNG instead of a true RNG This architecture is choosen to provide a good source of randomness data without requiring that the TPM include a genuine source of unpredictable data (which may be expensive).
So they've choosen a 'good' random source instead of the 'best possible' random source to (maybe) reduce production costs. IMHO this is misleading information. A P-N junction noise source costs next to nothing.
Right of way for protection of data privacy - are we the people?
Are you really sure you're innocent? Do you expect your representatives which have been elected by youself to believe into your integrity without needing evidence? A minority of the European Parliament seems to be in doubt and precautiously suspects its citizens at the time being. On May 29 2002 in Brussels will be vote if the fundamental rights of the citizens in Europe as there are protection of privacy, freedom of speech and the presumption of innocense should be abolished. Law enforcement authorities shall be authorized to store any data about electronic communications of EU-citizens. The most important rights are endangered to be sacrificed in the course of fight agains terrorism.
Neither the individual case nor interim measures will be considered when it will come to storing data. Thus data would not be saved temporary or in an appropriate manner. Regarding the intention of a part of the European Parliament retention of all individuals' electronic communication shall be done without control to enable further investigations about illegal actions in the future. Therewith all citizens will be assumed to be potential criminals. On April 18 this violation of the basic rights was defeated by a close vote.
For this narrow majority to become an absolute one a letter to the European Parliament was phrased which can be signed here: http://stop1984.com/index2.php?text=letter. txt. Over 40 international civil rights organizations and user groups in the internet subscribed to this letter. Til now the signatures of more than 7500 people all over the world were registered.
If you don't agree with your government suspecting you to be a potential terrorist and storing all your electronic communication without a cause you should sign this letter.
Slashdot Mirror
Interesting. So you would prefer to let an undocumented state-machine PRNG, seeded in an undocumented way from the TPMs NVRAM and (alledgedly) randomized with additional entropy input generate your keys?
I can only imagine you did not read the TPM specs. Some excerpts:
...
...
'Reporting of Integrity Metrics' of the TPM:
The corresponding public key (of a key pair) is an identity key, since it is a cryptographic value by which the TPM is known.
And here's the argument for using state-machine with appended SHA1 pseudo RNG instead of a true RNG
This architecture is choosen to provide a good source of randomness data without requiring that the TPM include a genuine source of unpredictable data (which may be expensive).
So they've choosen a 'good' random source instead of the 'best possible' random source to (maybe) reduce production costs. IMHO this is misleading information. A P-N junction noise source costs next to nothing.
Draw your conclusions.
There is no such thing as 'original pong code', as the original pong was discrete TTL chips. DUH!
Right of way for protection of data privacy - are we the people?
. txt. Over 40 international civil rights organizations and user groups in the internet subscribed to this letter. Til now the signatures of more than 7500 people all over the world were registered.
Are you really sure you're innocent? Do you expect your representatives which have been elected by youself to believe into your integrity without needing evidence? A minority of the European Parliament seems to be in doubt and precautiously suspects its citizens at the time being. On May 29 2002 in Brussels will be vote if the fundamental rights of the citizens in Europe as there are protection of privacy, freedom of speech and the presumption of innocense should be abolished. Law enforcement authorities shall be authorized to store any data about electronic communications of EU-citizens. The most important rights are endangered to be sacrificed in the course of fight agains terrorism.
Neither the individual case nor interim measures will be considered when it will come to storing data. Thus data would not be saved temporary or in an appropriate manner. Regarding the intention of a part of the European Parliament retention of all individuals' electronic communication shall be done without control to enable further investigations about illegal actions in the future. Therewith all citizens will be assumed to be potential criminals. On April 18 this violation of the basic rights was defeated by a close vote.
For this narrow majority to become an absolute one a letter to the European Parliament was phrased which can be signed here:
http://stop1984.com/index2.php?text=letter
If you don't agree with your government suspecting you to be a potential terrorist and storing all your electronic communication without a cause you should sign this letter.