Explore a TPM-based FDE implementation

[ghost]

Description

This issue exists to track ongoing work into a TPM-based FDE solution. The objective is for it to allow for automatic reboots, and thus full automatic updates.

How will this impact SecureDrop users?

Having FDE would allow for enhanced security to the server, in particular in the event of an adversary gaining physical access to the SD server. Internal audit has shown that the risk is substantial, so it is important that we be able to find a solution to enable FDE while remaining compatible with the daily automatic updates.

How would this affect SecureDrop's threat model?

It would mitigate many threats associated with physical access to the server. The required modifications to the threat model have already been proposed elsewhere.

User Stories

As a security engineer, I want FDE so that unwanted physical access to the server does not compromise SecureDrop's stated goals.

[ghost]

This work is being done in parallel to research into the viability of kexec-based FDE reboots

[ghost]

At time of writing, I can confirm that I have gotten successful automated reboots on a hardware setup of SecureDrop (specifically, the server was encrypted). This was done as a part of time-boxed, exploratory research. The approach relies on clevis, and my initial impression is that while the setup was non-trivial, it does seem stable.

The approach is definitely worth looking into more. As with the kexec approach, more time would need to be spent to make sure that the current boot process doesn't expose any unnecessary risks (since this was a time-boxed exploration, not a thorough examination). Though with my current intuition, I'm less worried about issues with pre-boot security with this approach than I was with kexec.

I would also be curious to know if someone else could reproduce this on different hardware.