[svsm-devel] CVM State Persistence and Security Analysis

Snyman, Jean jean.snyman at hpe.com
Wed Jan 15 19:30:58 CET 2025 

Hi all,

To everyone that attended this week's development call, thanks for your attention to our presentation on secure state persistence. It was great to see so much engagement with the topic.

Our security analysis of the current host-based proxy approach can be found at:
https://stringlytyped.github.io/publications/csvsm-proxy-security-analysis/

Additionally, I've attached today's slides, if anyone wishes to refer back to them. We also have a written explanation of our approach here:
https://docs.google.com/document/d/1DaTycUH0M2qU6lK0EF8d42g-e0CvBOD-3rxrk8lCea4/edit<https://docs.google.com/document/d/1DaTycUH0M2qU6lK0EF8d42g-e0CvBOD-3rxrk8lCea4/edit?tab=t.0#heading=h.1fob9te>

This document could use some cleanup, as the processor-derived keys approach we mentioned briefly is interspersed throughout which may be confusing. Also, for the avoidance of any doubt, "vTPM Loader" = "Attestation Bridge".

Let me know if anyone has any follow up questions or feedback.

And thank you to everyone that has supported this effort in one form or another, including Tyler, Stefano and Oliver at RedHat and Dionna at Google.

Kind regards,

Jean Snyman (he/him)
Research Engineer – Security
jean.snyman at hpe.com<mailto:jean.snyman at hpe.com>
Hewlett Packard Labs

Hewlett Packard Enterprise
HPE.com<https://hpe.com>
[cid:03a25f1b-e6f2-4ab5-9576-8563171ef881]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.8bytes.org/pipermail/svsm-devel/attachments/20250115/dabdddd7/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Outlook-kyltm11x.png
Type: image/png
Size: 244 bytes
Desc: Outlook-kyltm11x.png
URL: <http://mail.8bytes.org/pipermail/svsm-devel/attachments/20250115/dabdddd7/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: state-persistence-csvsm-slides.pdf
Type: application/pdf
Size: 794015 bytes
Desc: state-persistence-csvsm-slides.pdf
URL: <http://mail.8bytes.org/pipermail/svsm-devel/attachments/20250115/dabdddd7/attachment-0001.pdf>

More information about the Svsm-devel mailing list