homepage/content/post/concept-tamperresistance-pi.md
2019-07-01 23:35:06 +02:00

30 lines
937 B
Markdown

+++
title = "Concept autonom tamperresistant Pi"
date = 2019-07-01T23:19:17+02:00
author = "MH"
cover = ""
tags = ["Raspberry", "Pi", "Concept", "Tamperproof"]
description = "Idears about building a tamperproof server with Praspbery Pi"
showFullContent = false
draft = false
+++
* Split the sdcard into two partitions one smal wich contains the bootloader, kernel and initrd and an encrypted root filesystem.
* Integrate Tor into initrd
* calculate a hash with sensors wich messure the enviroment (pressure against a case, eg.)
If the Pi hast power and a network conetcion ...
- it can calculate the hash
- start the tor client
- ask a specific hidden service with the hash for a key
- if the hash is korect it return the key wich unlook the rootfs
... normla bootprocess follows
> Your Pi can start automatical
> NO SECRET is stored unsecure on the device
> An external unlocatable party checks if the device was touched