homepage/content/post/concept-tamperresistance-pi.md
2019-07-01 23:35:06 +02:00

937 B

+++ title = "Concept autonom tamperresistant Pi" date = 2019-07-01T23:19:17+02:00 author = "MH" cover = "" tags = ["Raspberry", "Pi", "Concept", "Tamperproof"] description = "Idears about building a tamperproof server with Praspbery Pi" showFullContent = false draft = false +++

  • Split the sdcard into two partitions one smal wich contains the bootloader, kernel and initrd and an encrypted root filesystem.
  • Integrate Tor into initrd
  • calculate a hash with sensors wich messure the enviroment (pressure against a case, eg.)

If the Pi hast power and a network conetcion ...

  • it can calculate the hash
  • start the tor client
  • ask a specific hidden service with the hash for a key
  • if the hash is korect it return the key wich unlook the rootfs

... normla bootprocess follows

Your Pi can start automatical

NO SECRET is stored unsecure on the device

An external unlocatable party checks if the device was touched