Lines Matching refs:and

1 			Trusted and Encrypted Keys
3 Trusted and Encrypted Keys are two new key types added to the existing kernel
5 and in both cases all keys are created in the kernel, and user space sees,
6 stores, and loads only encrypted blobs.  Trusted Keys require the availability
8 Keys can be used on any system.  All user level blobs, are displayed and loaded
9 in hex ascii for convenience, and are integrity verified.
11 Trusted Keys use a TPM both to generate and to seal the keys.  Keys are sealed
12 under a 2048 bit RSA key in the TPM, and optionally sealed to specified PCR
13 (integrity measurement) values, and only unsealed by the TPM, if PCRs and blob
16 when the kernel and initramfs are updated.  The same key can have many saved
47 Encrypted keys do not depend on a TPM, and are faster, as they use AES for
49 numbers, and are encrypted/decrypted using a specified 'master' key.  The
70 Examples of trusted and encrypted key usage:
72 Create and save a trusted key named "kmk" of length 32 bytes:
127 compromised by a user level problem, and when sealed to specific boot PCR
128 values, protects against boot and offline attacks.  Create and save an
156 Other uses for trusted and encrypted keys, such as for disk and file encryption