add some contend
This commit is contained in:
parent
426b358443
commit
a46eae9b17
29
content/post/concept-tamperresistance-pi.md
Normal file
29
content/post/concept-tamperresistance-pi.md
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
+++
|
||||||
|
title = "Concept autonom tamperresistant Pi"
|
||||||
|
date = 2019-07-01T23:19:17+02:00
|
||||||
|
author = "MH"
|
||||||
|
cover = ""
|
||||||
|
tags = ["Raspberry", "Pi", "Concept", "Tamperproof"]
|
||||||
|
description = "Idears about building a tamperproof server with Praspbery Pi"
|
||||||
|
showFullContent = false
|
||||||
|
draft = false
|
||||||
|
+++
|
||||||
|
|
||||||
|
* Split the sdcard into two partitions one smal wich contains the bootloader, kernel and initrd and an encrypted root filesystem.
|
||||||
|
* Integrate Tor into initrd
|
||||||
|
* calculate a hash with sensors wich messure the enviroment (pressure against a case, eg.)
|
||||||
|
|
||||||
|
If the Pi hast power and a network conetcion ...
|
||||||
|
|
||||||
|
- it can calculate the hash
|
||||||
|
- start the tor client
|
||||||
|
- ask a specific hidden service with the hash for a key
|
||||||
|
- if the hash is korect it return the key wich unlook the rootfs
|
||||||
|
|
||||||
|
... normla bootprocess follows
|
||||||
|
|
||||||
|
> Your Pi can start automatical
|
||||||
|
|
||||||
|
> NO SECRET is stored unsecure on the device
|
||||||
|
|
||||||
|
> An external unlocatable party checks if the device was touched
|
Loading…
Reference in New Issue
Block a user