+++
title = "Concept autonom tamperresistant Pi"
date = 2019-07-01T23:19:17+02:00
author = "MH"
cover = ""
tags = ["Raspberry", "Pi", "Concept", "Tamperproof"]
description = "Idears about building a tamperproof server with Praspbery Pi"
showFullContent = false
draft = false
+++

* Split the sdcard into two partitions one smal wich contains the bootloader, kernel and initrd and an encrypted root filesystem.
* Integrate Tor into initrd
* calculate a hash with sensors wich messure the enviroment (pressure against a case, eg.)

If the Pi hast power and a network conetcion ...

 - it can calculate the hash
 - start the tor client
 - ask a specific hidden service with the hash for a key
 - if the hash is korect it return the key wich unlook the rootfs

 ... normla bootprocess follows

 > Your Pi can start automatical

 > NO SECRET is stored unsecure on the device

 > An external unlocatable party checks if the device was touched