From a46eae9b17e8176e1e98e9af03d433d00215608e Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Mon, 1 Jul 2019 23:35:06 +0200 Subject: [PATCH] add some contend --- content/post/concept-tamperresistance-pi.md | 29 +++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 content/post/concept-tamperresistance-pi.md diff --git a/content/post/concept-tamperresistance-pi.md b/content/post/concept-tamperresistance-pi.md new file mode 100644 index 0000000..313cfe7 --- /dev/null +++ b/content/post/concept-tamperresistance-pi.md @@ -0,0 +1,29 @@ ++++ +title = "Concept autonom tamperresistant Pi" +date = 2019-07-01T23:19:17+02:00 +author = "MH" +cover = "" +tags = ["Raspberry", "Pi", "Concept", "Tamperproof"] +description = "Idears about building a tamperproof server with Praspbery Pi" +showFullContent = false +draft = false ++++ + +* Split the sdcard into two partitions one smal wich contains the bootloader, kernel and initrd and an encrypted root filesystem. +* Integrate Tor into initrd +* calculate a hash with sensors wich messure the enviroment (pressure against a case, eg.) + +If the Pi hast power and a network conetcion ... + + - it can calculate the hash + - start the tor client + - ask a specific hidden service with the hash for a key + - if the hash is korect it return the key wich unlook the rootfs + + ... normla bootprocess follows + + > Your Pi can start automatical + + > NO SECRET is stored unsecure on the device + + > An external unlocatable party checks if the device was touched