diff --git a/resources/daa-network-join.fig b/resources/daa-network-join.fig index 89b7a34..230e460 100644 --- a/resources/daa-network-join.fig +++ b/resources/daa-network-join.fig @@ -26,18 +26,14 @@ Single 2 0 1.00 120.00 180.00 6975 3300 1875 3300 2 1 1 1 0 7 50 -1 -1 3.000 0 0 -1 0 0 2 - 1875 825 1875 4425 + 1875 825 1875 3750 2 1 1 1 0 7 50 -1 -1 4.000 0 0 -1 0 0 2 - 6975 825 6975 4425 + 6975 825 6975 3750 2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 1050 375 2700 375 2700 825 1050 825 1050 375 2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 6150 375 7800 375 7800 825 6150 825 6150 375 -2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 - 2 0 1.00 120.00 180.00 - 1875 3900 6975 3900 4 1 0 50 -1 4 14 0.0000 0 240 3855 4500 3225 4. JOINPROCEED \001 4 1 0 50 -1 4 14 0.0000 0 180 1485 1875 675 DAA member\001 4 1 0 50 -1 4 14 0.0000 0 180 1215 6975 675 DAA issuer\001 4 1 0 50 -1 4 14 0.0000 0 240 2880 4500 2625 3. APPEND \001 -4 1 0 50 -1 4 14 0.0000 0 180 630 4500 3825 5. OK\001 diff --git a/resources/daa-network-join.pdf b/resources/daa-network-join.pdf index 1d06ee5..5b2703e 100644 Binary files a/resources/daa-network-join.pdf and b/resources/daa-network-join.pdf differ diff --git a/thesis/05_outlook.tex b/thesis/05_outlook.tex index a154d5e..1a627c5 100644 --- a/thesis/05_outlook.tex +++ b/thesis/05_outlook.tex @@ -79,7 +79,7 @@ A small script shown in \autoref{code:verifyimash} tries to recalculate this val done < ima.hashes tpm2_pcrread sha1:10,16 \end{lstlisting} -It uses the debugging PCR 16 which is resetable without reboot and has the same initial value as the first 10 PCRs. +It uses the debug register PCR 16 which is resetable without reboot and has the same initial value as the first 10 PCRs. When IMA is off, the log holds only one entry of the boot aggregate. Then the SHA1 value can be computed with that script. However, comprehending the PCR 10 value with IMA enabled was not possible. @@ -91,7 +91,14 @@ Furthermore the documentation of calculating these vaules did not mention how th \texttt{tpm2\_pcrextend} requires a sha256 hash as input for the corresponding PCR bank, but the IMA log only provides sha1 hashes. Any PCR 10 extensions regarding the sha256 bank are currently not verifiable. - +\subsection{Processing and Sending Biometric Data} +\begin{itemize} + \item Puts together all pieces + \item payload without IMA log about 15KB + \item No encryption for payload, but doable -- depends on the way how Sensor and PIA can communicate together + \item IMA log much too large + \item Test results how long the process of capturing takes -- with and without IMA +\end{itemize} \section{Limitations} \begin{itemize} diff --git a/thesis/MAIN.pdf b/thesis/MAIN.pdf index 69a8a62..bb0ab7d 100644 Binary files a/thesis/MAIN.pdf and b/thesis/MAIN.pdf differ