public
/
keyfork
5
0
Fork 0
Code Issues 16 Pull Requests 1 Packages Projects Releases Wiki Activity

Attestation of public keys to authenticate Keyfork shard requests #23

New Issue
Open
opened 2024-01-25 06:32:54 +00:00 by ryan · 1 comment
ryan commented 2024-01-25 06:32:54 +00:00
Owner
Copy Link

Target: Keyfork headless enclave

Sign public keys using an attestation certificate known by shardholders, whose private key is only accessible in the enclave.

Target: Keyfork headless enclave Sign public keys using an attestation certificate known by shardholders, whose private key is only accessible in the enclave.
ryan commented 2024-02-02 09:04:52 +00:00
Author
Owner
Copy Link

Generate ephemeral keys using TPM2 API, have operators perform attestation when they generate the QR code to use for airgap machine.

NOTE: attested ephemeral key replay attacks are not a concern as the TPM is trusted to not leak private key data.

Generate ephemeral keys using TPM2 API, have operators perform attestation when they generate the QR code to use for airgap machine. NOTE: attested ephemeral key replay attacks are not a concern as the TPM is trusted to not leak private key data.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
main
ryansquared/quick-and-dirty-prompt
ryan/recover-shardholder-hardware
keyfork-shard-v0.2.2
keyfork-v0.2.3
keyfork-derive-openpgp-v0.1.2
keyfork-v0.2.2
keyforkd-models-v0.2.0
keyforkd-client-v0.2.0
keyforkd-v0.1.1
keyfork-shard-v0.2.0
keyfork-qrcode-v0.1.1
keyfork-prompt-v0.1.1
keyfork-mnemonic-util-v0.3.0
keyfork-entropy-v0.1.1
keyfork-derive-util-v0.2.0
keyfork-derive-path-data-v0.1.1
keyfork-derive-openpgp-v0.1.1
keyfork-derive-key-v0.1.1
keyfork-v0.2.0
keyfork-v0.1.0
smex-v0.1.0
keyfork-bug-v0.1.0
keyfork-bin-v0.1.0
keyfork-slip10-test-data-v0.1.0
keyfork-derive-util-v0.1.0
keyfork-frame-v0.1.0
keyforkd-models-v0.1.0
keyforkd-client-v0.1.0
keyfork-derive-openpgp-v0.1.0
keyfork-entropy-v0.1.0
keyfork-crossterm-v0.27.1
keyfork-prompt-v0.1.0
keyfork-zbar-sys-v0.1.0
keyfork-zbar-v0.1.0
keyfork-qrcode-v0.1.0
keyfork-shard-v0.1.0
keyfork-derive-path-data-v0.1.0
keyforkd-v0.1.0
keyfork-derive-key-v0.1.0
keyfork-mnemonic-util-v0.2.0
keyfork-mnemonic-util-v0.1.0
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: public/keyfork#23
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?