Trusted Platform Modules: Why, When and How to Use Them
Ariel Segall


Trusted Platform Modules

IET PROFESSIONAL APPLICATIONS OF COMPUTING SERIES 13

Other volumes in this series:

Volume 1 Knowledge Discovery and Data Mining M.A. Bramer (Editor)
Volume 3 Troubled IT Projects: Prevention and turnaround J.M. Smith
Volume 4 UML for Systems Engineering: Watching the wheels, 2nd Edition J. Holt
Volume 5 Intelligent Distributed Video Surveillance Systems S.A. Velastin and P. Remagnino (Editors)
Volume 6 Trusted Computing C. Mitchell (Editor)
Volume 7 SysML for Systems Engineering J. Holt and S. Perry
Volume 8 Modelling Enterprise Architectures J. Holt and S. Perry
Volume 9 Model-Based Requirements Engineering J. Holt, S. Perry and M. Bownsword

Trusted Platform Modules
Why, when and how to use them
Ariel Segall
The Institution of Engineering and Technology

Published by The Institution of Engineering and Technology, London, United Kingdom

The Institution of Engineering and Technology is registered as a Charity in England & Wales (no. 211014) and Scotland (no. SC038698).

© The Institution of Engineering and Technology 2017

First published 2016

This publication is copyright under the Berne Convention and the Universal Copyright Convention. All rights reserved. Apart from any fair dealing for the purposes of research or private study, or criticism or review, as permitted under the Copyright, Designs and Patents Act 1988, this publication may be reproduced, stored or transmitted, in any form or by any means, only with the prior permission in writing of the publishers, or in the case of reprographic reproduction in accordance with the terms of licences issued by the Copyright Licensing Agency. Enquiries concerning reproduction outside those terms should be sent to the publisher at the undermentioned address:

The Institution of Engineering and Technology
Michael Faraday House
Six Hills Way, Stevenage
Herts, SG1 2AY, United Kingdom
www.theiet.org

While the author and publisher believe that the information and guidance given in this work are correct, all parties must rely upon their own skill and judgement when making use of them. Neither the author nor publisher assumes any liability to anyone for any loss or damage caused by any error or omission in the work, whether such an error or omission is the result of negligence or any other cause. Any and all such liability is disclaimed.

The moral rights of the author to be identified as author of this work have been asserted by him in accordance with the Copyright, Designs and Patents Act 1988.

British Library Cataloguing in Publication Data
A catalogue record for this product is available from the British Library

ISBN 978-1-84919-893-6 (hardback)
ISBN 978-1-84919-894-3 (PDF)

Typeset in India by MPS Limited
Printed in the UK by CPI Group (UK) Ltd, Croydon

Contents

Acknowledgments  xiii
Glossary and acronym expansions  xv

1 Introduction  1
  1.1 About this book  1
    1.1.1 The enterprise approach  1
    1.1.2 User stories  2
  1.2 What is trusted computing?  2
    1.2.1 What do we mean by 'trusted'?  3
    1.2.2 A brief history of trusted computing  4
    1.2.3 The Trusted Computing Group  4
  1.3 TPMs at a high level  5
    1.3.1 Roots of Trust  5
    1.3.2 Chains of trust  7
    1.3.3 The TPM threat model  7
    1.3.4 What TPMs are good for  9
    1.3.5 What TPMs aren't good for  9
    1.3.6 TPM versions  10
    1.3.7 Common TPM myths  11
  1.4 Where to find TPMs  14
  1.5 TPM software options  15

2 When to use a TPM  17
  2.1 Machine authentication examples  17
  2.2 Data protection examples  18
  2.3 Attestation examples  19
  2.4 When not to use a TPM  20
    2.4.1 When not to use: consumer DRM  20
    2.4.2 When not to use: primary defence against physical threats  21
  2.5 Complicating factors  21
    2.5.1 Identifying TPMs  21
    2.5.2 Enterprise PKI integration  22
    2.5.3 Universal software support  23

3 TPM concepts and functionality  25
  3.1 Ownership and authority  25
  3.2 Root keys and primary seeds  26
    3.2.1 TPM 1.2 root keys  27
    3.2.2 TPM 2.0 primary seeds and hierarchies  27
  3.3 Non-root keys  30
    3.3.1 Root and non-root key relationships  31
    3.3.2 Externally created keys and the TPM  32
  3.4 Key certification  32
  3.5 Roots of trust for measurement  32
  3.6 Platform configuration registers  33
  3.7 Quotes  34
  3.8 NVRAM and key storage  35
  3.9 Utility functions  35
  3.10 Access control mechanisms  35
  3.11 Cryptographic algorithms  36
  3.12 Communicating securely with the TPM  36
  3.13 The TPM in action  37
    3.13.1 Possible TPM states  37
    3.13.2 Reboots, and why they matter  37
    3.13.3 Clearing: erasing your TPM  38

4 Programming introduction  39
  4.1 TSS 1.2 code introduction  39
    4.1.1 Categories of TSPI commands  42
    4.1.2 TSS objects  43
    4.1.3 Policies: providing passwords to the TPM  43
    4.1.4 Object attributes  45
  4.2 IBM TSS 2.0 code introduction  46
    4.2.1 TPM 2.0 utilities sample code  48
    4.2.2 File handling helper functions  48

5 Provisioning: getting the TPM ready to use  51
  5.1 Provisioning: what it means, and why it matters  51
  5.2 Basic steps of 1.2 TPM provisioning  51
    5.2.1 Setting up a 1.2 TPM  52
    5.2.2 Establishing trust in a 1.2 TPM  56
  5.3 2.0 TPM provisioning and hierarchies  60
    5.3.1 Changing hierarchy authorizations  61
    5.3.2 Changing the hierarchy seeds  62
    5.3.3 Creating primary keys and objects  62
  5.4 Multiversion TPMs  63
  5.5 TPM provisioning user stories  63
    5.5.1 User stories: turning the TPM on  63
    5.5.2 User stories: establishing trust in the TPM  64
    5.5.3 User stories: taking ownership  66
  5.6 Remote verification of TPM keys  67
    5.6.1 Certification: 1.2 TPM keys and PKI  67
    5.6.2 Certification: the homegrown approach  68
  5.7 Provisioning-time key certification user stories  69

6 First steps: TPM keys  71
  6.1 TPM keys  71
    6.1.1 Advantages and disadvantages of TPM keys  71
  6.2 The basic types of TPM keys  72
    6.2.1 TPM 1.2 key types  72
    6.2.2 TPM 2.0 key attributes  74
  6.3 Authorization options for TPM keys  75
  6.4 Creating TPM keys  75
    6.4.1 Parent keys  75
    6.4.2 Key creation commands  77
  6.5 Key creation user stories  82
  6.6 Migratable and duplicatable keys  83
    6.6.1 1.2 Normal migratable keys  83
    6.6.2 1.2 Certifiable Migration Keys  87
    6.6.3 2.0 Duplicatable keys  91
    6.6.4 When to use migratable or duplicatable keys  93
  6.7 Migratable key user stories  93
  6.8 Loading TPM keys  94
    6.8.1 Additional loading features in 2.0  95
  6.9 Handles, names, and authorization: using TPM keys in other commands  95
    6.9.1 Key handles and security  95
    6.9.2 Pre-defined handles  96
  6.10 Authorization sessions  97
  6.11 Certifying TPM keys  98
    6.11.1 TPM 1.2: certifying identity keys  100
    6.11.2 Certifying other TPM keys (1.2 and 2.0)  102
    6.11.3 Retrieving public portions of TPM keys  105
  6.12 Using keys created outside the TPM  107
  6.13 The TPM's access control models  108
    6.13.1 Physical presence  108
    6.13.2 TPM 1.2: user authentication, PCRs, and localities  109
    6.13.3 TPM 2.0's Enhanced Authorization  110
  6.14 Key access control user stories  114
  6.15 TSS 1.2 key management code examples  116
    6.15.1 Background: using the SRK  116
    6.15.2 Key creation  116
    6.15.3 Creating identity keys  119
    6.15.4 Key loading  121
    6.15.5 Using public keys  123
  6.16 TSS 2.0 key management code examples  125
    6.16.1 Key creation  125
    6.16.2 Key loading  128
    6.16.3 Using public keys  129
    6.16.4 Enhanced Authorization policies  130

7 Machine authentication  137
  7.1 What is machine authentication?  137
    7.1.1 Signing versus encryption  137
    7.1.2 The limits of TPM-based machine authentication  138
    7.1.3 What about user authentication?  138
  7.2 Signing-based machine authentication  139
    7.2.1 How it works  139
    7.2.2 When to use it  140
    7.2.3 The TPM and signing-based authentication  141
    7.2.4 Nonces: why they matter and how to use them  144
    7.2.5 Mitigating man-in-the-middle attacks  146
  7.3 Encryption-based machine authentication  147
    7.3.1 How it works  147
    7.3.2 When to use it  149
  7.4 User identification versus machine authentication  150
  7.5 Machine authentication user stories  151
  7.6 1.2 TSS machine authentication code examples  153
    7.6.1 Setting a signature scheme  153
    7.6.2 Signing and verifying hashed data  154
    7.6.3 Encryption and decryption  154
  7.7 TSS 2.0 machine authentication code examples  154
    7.7.1 Signing  154
    7.7.2 Verifying signatures  156
    7.7.3 Encryption and decryption  157

8 Data protection  159
  8.1 The pros and cons of TPMs for data storage  159
  8.2 Basic TPM encryption features  161
    8.2.1 Storage hierarchies and data protection  162
  8.3 Disk encryption, bulk data protection, and secure backups  163
  8.4 Small-scale data protection  163
    8.4.1 Small-scale local encryption  164
  8.5 Secure data transmission  166
    8.5.1 Binding, legacy keys, and backwards compatibility  168
  8.6 Alternate backup techniques  168
  8.7 The TPM's internal storage (NVRAM)  168
    8.7.1 Using NVRAM in 1.2  170
    8.7.2 Using NVRAM in 2.0  171
  8.8 Conditional data access  175
  8.9 Data protection user stories  176
  8.10 TSS 1.2 data protection code examples  179
    8.10.1 Binding and unbinding  179
    8.10.2 Sealing and unsealing  180
    8.10.3 Using NVRAM  181
  8.11 TSS 2.0 data protection code examples  184
    8.11.1 Creating a sealed blob  184
    8.11.2 Decrypting a sealed blob  186
    8.11.3 Using NV storage  186
    8.11.4 Reading NV contents and manufacturer certificates  190

9 Attestation  193
  9.1 Machine state and the TPM  193
    9.1.1 Measurement chains of trust  193
    9.1.2 The Static Root of Trust for Measurement  194
    9.1.3 The Dynamic Root of Trust for Measurement  195
  9.2 Using the PCRs  200
    9.2.1 Essential PCR operations  200
    9.2.2 Measurement and PCRs  202
    9.2.3 Beyond measurements: creative uses of PCRs  204
    9.2.4 1.2 PCR design  206
    9.2.5 2.0 PCR design  207
    9.2.6 Choosing PCRs to use  209
    9.2.7 PCRs beyond the PC  210
  9.3 Basic attestation techniques  211
    9.3.1 Quotes  211
    9.3.2 Verifying quotes  214
    9.3.3 Constrained key attestation  216
    9.3.4 Direct anonymous attestation  216
  9.4 Machine state measurement in theory and reality  221
  9.5 Attestation user stories  221
  9.6 TSS 1.2 attestation code examples  225
    9.6.1 Reading PCR contents  225
    9.6.2 Extending PCRs  225
    9.6.3 Resetting PCRs  226
    9.6.4 Creating and verifying a quote  227
  9.7 TSS 2.0 attestation code examples  232
    9.7.1 Creating a PCR selection  232
    9.7.2 Reading PCR contents  233
    9.7.3 Extending PCRs  233
    9.7.4 Resetting PCRs  234
    9.7.5 Creating and verifying quotes  235

10 Other TPM features  237
  10.1 The smorgasbord  237
  10.2 Clearing the TPM  237
    10.2.1 Revoking trust in an EK  239
    10.2.2 Clearing user stories  239
  10.3 Random number generation  239
    10.3.1 Random number user stories  240
  10.4 TPM configuration  241
    10.4.1 Configuration in 1.2  241
    10.4.2 Configuration in 2.0  242
    10.4.3 Configuration user stories  247
  10.5 Monotonic counters  248
    10.5.1 Monotonic counter user stories  249
  10.6 Storing extra keys in the TPM  250
    10.6.1 Persistent key user stories  251
  10.7 Command auditing  252
    10.7.1 Command audit user stories  254
  10.8 Field upgrades  254
  10.9 1.2-exclusive features  255
    10.9.1 Temporarily deactivating the TPM  255
    10.9.2 Maintenance archives  255
    10.9.3 Delegation  257
    10.9.4 Tickstamps  260
  10.10 2.0-exclusive features  262
    10.10.1 Cryptographic primitives  262
    10.10.2 Clocks and attesting to local time  265

11 Software, specifications, and more: Where to find other TPM resources  269
  11.1 1.2 Programming tools  269
    11.1.1 1.2 Trusted/TCG software stacks (TSS)  269
    11.1.2 Microsoft's TBS  270
  11.2 2.0 Programming tools  270
    11.2.1 IBM TSS 2.0  270
    11.2.2 2.0 TSS.Net and TSS.C++  271
  11.3 Books, courses, and other digested material  271
    11.3.1 TPM 1.2 concepts  271
    11.3.2 TPM 1.2 programming  271
    11.3.3 TPM 2.0  272
    11.3.4 Other trusted computing topics  272
  11.4 Community  273
    11.4.1 The TCG  273
    11.4.2 TrouSerS-users mailing list  273
  11.5 1.2 Specifications  274
    11.5.1 1.2 TSS specification  274
    11.5.2 1.2 TPM specification  276
  11.6 2.0 Specifications  279
    11.6.1 TCG TSS (TPM Software Stack) specifications  279
    11.6.2 2.0 TPM specifications  281
    11.6.3 2.0 Supporting specifications  283
  11.7 Platform specifications  285
    11.7.1 1.2 Platform specifications  285
    11.7.2 2.0 Platform specification  286
    11.7.3 Specifications applying to multiple TPM versions  286
  11.8 Other useful resources  286
    11.8.1 The tpm-tools package  286
    11.8.2 TPM manufacturers  287
    11.8.3 TPM 2.0 simulators  287
    11.8.4 Example open-source applications  288
    11.8.5 Useful trusted computing tools  289
  11.9 Commercial software  289

12 Troubleshooting  291
  12.1 When all else fails  291
  12.2 There's no TPM in the BIOS menu  291
  12.3 Trouble getting any software working  292
    12.3.1 Linux-specific tips  292
  12.4 TPM returning errors  292
  12.5 TSS 1.2 code returning errors  293
  12.6 Problems using TPM data structures  294

13 Conclusion and review  295
  13.1 What the TPM is good for  295
  13.2 Common TPM use cases  295
  13.3 The potential (and peril) of the future  296
  13.4 In conclusion  296

Appendix A Basic cryptographic concepts  299
  A.1 The limitations of this appendix  299
  A.2 Basic vocabulary  299
  A.3 Symmetric cryptography  299
  A.4 Asymmetric (public key) cryptography  300
  A.5 Key derivation functions  301
  A.6 Hashes  301
    A.6.1 HMACs  301
  A.7 Nonces  302
  A.8 Zero-knowledge proofs  302

Appendix B Command equivalence and requirements charts  305
  B.1 Key  305
  B.2 TPM 1.2 command equivalence and requirements  306
  B.3 TPM 2.0 command requirements  312

Appendix C Complete code samples  317
  C.1 1.2 TSS code samples  317
    C.1.1 Sealing and unsealing  317
    C.1.2 Using NVRAM  321
  C.2 2.0 TSS code samples  324
    C.2.1 Creating objects  324
    C.2.2 Retrieving the TPM's internal time  342

Copyright Notices  351
Index  353

Acknowledgments

This book would not have happened without the help of a vast number of people, to whom I am eternally grateful: Xeno Kovah, who first asked me whether I'd considered teaching a class on TPMs; my many wonderful former colleagues at MITRE, particularly Amy Herzog, Joshua Guttman, John Ramsdell, Paul Rowe, Justin Sheehy, and Brian Sniffen; it's amazing what you can learn in ten years of being steeped in a subject while surrounded by smart people. Then there are also the great folks from the IAD, particularly Grant Wagner, George Coker, and Pete Loscocco, who never stopped asking really challenging questions; I'd never have figured half of this stuff out without you. There are all of my test readers, in particular the exceptionally patient Kevin Riggle and John Mainzer, who waded through multiple versions and sent extensive commentary. And above all, my amazingly patient spouse, Andrew Menard, who put up with a ridiculous amount of hassle and still never stopped telling me I could do this.

Glossary and acronym expansions

AIK Attestation Identity Key. Often simply called an identity key. A key that acts as a certifiable pseudonym for a TPM.

AMD A company that manufactures CPUs and other low-level hardware.

API Application program interface. A set of function definitions for building software applications.

Attestation The presentation of verifiable evidence about a system to another party (the verifier, sometimes called the appraiser). Usually, the verifier is off-system: we call this remote attestation. The attestation target is sometimes called the attester.

Authorization value Password, although usually with many fewer constraints about the contents than the sort of passwords users generally create. In a TPM context, sometimes used to imply a value that's been pre-hashed before transmission, versus a password transmitted in its entirety to the TPM.

BIOS Basic Input/Output System, though the expansion is almost never used. BIOS refers to the firmware which initially sets up a PC's hardware during boot. Although technically, BIOS and UEFI refer to entirely different firmware approaches that perform similar functions, because they serve the same purpose they are often lumped together under the BIOS umbrella. Most mentions of BIOS in this book actually refer to either BIOS or UEFI.

Blob A TPM-produced data structure whose contents the user is not expected to make individual use of; a black box.

Boot Loader Software that loads an operating system kernel as part of the boot process.

CA Certificate Authority. A trusted party participating in a public key infrastructure who certifies that certain keys can be trusted by anyone who trusts the authority.

Chain of Trust A trusted computing concept in which every component establishes trust in the next component before handing over control, usually rooted in a Root of Trust. Often comes up when discussing how measurements of a system state are created, although other chains of trust exist.

Clear An operation that removes most of the data from the TPM. Intended for use when a machine is sold or transferred to a new owner, so that old secrets are no longer accessible.

CMK Certifiable Migration Key. A 1.2 key that can be migrated between machines with the approval of a trusted authority, and can be certified for external verifiers.

CPU Central processing unit. The core of a modern computer.

CRTM Core Root of Trust for Measurement. Same as SRTM.

CSR Certificate signing request. A request presented to a CA to ask that a particular key be certified. Normally part of a PKI.

DAA Direct anonymous attestation. A complex form of attestation that can establish trust in a system without revealing anything about the system's identity.

DNSSec Domain Name System Security Extensions. A standard for adding security to DNS, the system that resolves hostnames on networks.

DRM Digital Rights Management. An umbrella term describing technologies for limiting unauthorized access to specific proprietary resources. Usually used in a corporate or copyright context.

DRTM Dynamic Root of Trust for Measurement. A special set of CPU functions designed to allow trust in a system's software to be established after an untrusted boot.

EA Enhanced Authorization. A new, very fine-grained, and very flexible approach to access control, introduced in 2.0 TPMs.

ECC Elliptic Curve Cryptography. An approach to public key cryptography based on finite field algebra.

EK Endorsement Key. The key on which all trust in a 1.2 TPM is based. In theory, created and certified by the TPM manufacturer.

EPS Endorsement Primary Seed. The primary seed associated with the endorsement hierarchy. The cryptographic material on which most remote trust in a 2.0 TPM is based.

FAPI Feature API. Part of the TCG's 2.0 TSS. Intended to provide a small subset of TPM functionality that would be most useful to the majority of users.

FIPS Federal Information Processing Standards. US government standards for computing, prominently including security.

GRUB A boot loader, popular on Linux.

Handle An identification value that uniquely identifies an object or resource in a given context. The context might be TPM-specific, program-specific, or software stack-specific.

Hierarchy In a TPM 2.0 context, hierarchies are sets of keys and other objects rooted in a shared primary seed, and managed with a shared set of authorization values and policies. Different hierarchies are intended for different uses, although there are no constraints on what objects can be created in what hierarchies.

HMAC Hashed Message Authentication Code. A hash combining data with a symmetric key; the authenticity can be verified by anyone else with the symmetric key.

IT Information Technology. IT departments are a common description for the people who handle computing resources in companies and other large organizations.

IP Among other meanings, Internet Protocol. IP addresses are the standard way in which machines connected to a network are identified.

KDF Key Derivation Function. Mathematical function for securely deriving a key from some initial input, called a seed.

MAC Mandatory Access Control. A system where access control is always present and enforced. Compare to Discretionary Access Control, where access control is something imposed in individual instances as desired.

MAC Media Access Control, although almost no one uses the expansion. MAC addresses are used to identify individual network interface hardware devices on a network.

NV storage Non-volatile storage. Storage areas whose contents are not erased on a reboot. Sometimes called NVRAM.

NVRAM Non-volatile Random-Access Memory. Sometimes called NV Storage.

OAEP Optimal Asymmetric Encryption Padding. A padding scheme often used with RSA, to create safe input to the encryption function.

OIAP Object-Independent Authorization Protocol. An authorization session protocol used to securely transmit authorization data to the TPM.

OS Operating System.

OSAP Object-Specific Authorization Protocol. An authorization session protocol used to securely transmit authorization data to the TPM.

Owner The person who is the local authority on how the TPM should be used (or not used). Usually, the literal owner of the machine, either an individual or IT department.

PC Although this stands for Personal Computer, in this context it actually refers to the x86 family of computer architectures, including both desktops and servers.

PCA Privacy Certificate Authority. A CA that participates in the TCG-designed AIK certification protocol.

PCRs Platform Configuration Registers. A set of registers in the TPM with highly controlled behaviour, used to contain system measurements or user data. The contents can be used to constrain access to TPM resources, or certified for external verification with a quote.

PKCS One of the Public Key Cryptography Standards. Defines a programming interface for using cryptographic hardware.

PKI Public Key Infrastructure. A distributed architecture for establishing trust in public keys. Usually involves at least one CA.

PPS Platform Primary Seed. The primary seed associated with the platform hierarchy.

Primary Seed A hidden value used to generate keys in 2.0 platforms. Each hierarchy has its own primary seed. Serves the same trust role as the root keys in 1.2 TPMs.

Root Key A key that acts as a root of trust on a given platform with a 1.2 TPM.

RoT Root of Trust. A component which is inherently trusted, and which is used to establish trust in other components.

RTM Root of Trust for Measurement. The system component that is trusted to take an initial measurement of a system, allowing a chain of trust to be started.

RTR Root of Trust for Reporting. The key that all external trust in a given TPM (and therefore system) is eventually rooted in. In 1.2 TPMs, the EK; in 2.0 TPMs, manufacturer-certified primary keys based on the Endorsement Primary Seed.

RTS Root of Trust for Storage. The key that is trusted to protect secrets in a system, directly or indirectly. In 1.2 TPMs, the SRK; in 2.0 TPMs, primary keys based on the Storage Primary Seed.

RSA A widely used public key cryptosystem based on the difficulty of factoring the products of two large prime numbers.

SAPI System Level API. Part of the TCG's 2.0 TSS.

SGX Software Guard Extensions. A set of new Intel CPU extensions providing additional security functionality.

SHA-1/SHA-256 Members of the widely used Secure Hash Algorithm family of hash functions. SHA-1 is being slowly phased out of use as of the end of 2015, owing to discovered weaknesses. SHA-256 is the recommended replacement.

SPS Storage Primary Seed. The primary seed associated with the storage hierarchy.

SRK Storage Root Key. A 1.2 TPM key which serves as the Root of Trust for Storage.

SRTM Static Root of Trust for Measurement. Same thing as CRTM.

State A computing term referring to a program's or system's status and available information at a given point in time.

SVM Secure Virtual Machine. A set of CPU technologies created and sold by AMD.

Tamper Resistance Tampering, in this context, refers to physical attacks against hardware; anything from a novice with a screwdriver to expert nation-state spies with acid, liquid nitrogen, and lasers. Tamper resistance generally refers to hardware capable of resisting some amount of tampering. This is distinct from tamper proofing, which implies an actual immunity to most forms of tampering. Tamper proofing is usually found in very expensive hardware sold to governments, and often contains explosives; you will rarely encounter it in consumer or corporate contexts.

TBS Trusted Base Services. A Microsoft interface for using 1.2 TPMs.

TCG Trusted Computing Group. An industry coalition that creates most trusted computing standards, including the TPM standards.

TCPA Trusted Computing Platform Alliance. An industry coalition that was a precursor to the Trusted Computing Group.

TCSI TSS Core Service Interface. A mid-level layer of the 1.2 Trusted Software Stack API.

TDDL TCG Device Driver Library. A low-level layer of the 1.2 Trusted Software Stack API.

TPM Trusted Platform Module.

Trusted In a TPM context, something whose behaviour is predictable. This allows individuals to make their own determination about which behaviour can be trusted in a colloquial sense.

TSPI TSS Service Provider Interface. The layer of the 1.2 Trusted Software Stack API intended for use primarily by applications.

TSS Trusted Software Stack or TPM Software Stack. A software layer to make using the TPM easier.

TXT Trusted Execution Technology. A set of CPU technologies created and sold by Intel.

UEFI Unified Extensible Firmware Interface. A modern, standardized replacement for a BIOS.

X.509 A widely used standard that defines formats for public key certificates, certificate signing requests, and revocation lists.
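The Chain of Trust, RTM, PCRs, AIK and RTR entries above together describe a measured boot that ends in a quote an off-system verifier can appraise. The Python simulation below is an added illustration, not code from the book: it shows why the verifier needs the nonce, the event log and a known-good list together, and how each of three failure modes is caught. The component images, event log, nonce and "AIK secret" are all constructed, and an HMAC stands in for the signature a real TPM would make with an identity key.

```python
"""Measured boot and quote appraisal, simulated in Python.

Constructed example, not code from the book: the component images, event log,
nonce and 'AIK secret' are made up, and an HMAC stands in for the signature a
real TPM would produce with an AIK rooted in the RTR."""
import hashlib
import hmac
import os

DIGEST = hashlib.sha256            # SHA-256, the glossary's recommended hash
PCR_RESET = b"\x00" * 32           # a PCR's value after a platform reset


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """The only operation that changes a PCR: new = H(old || measurement).
    One-way and order-sensitive, so one PCR summarises the whole sequence."""
    return DIGEST(pcr + measurement).digest()


def measured_boot(components):
    """Static chain of trust: the RTM measures the first component, and each
    component measures the next into the PCR before handing over control.
    Returns the final PCR value and the event log a verifier needs to read it."""
    pcr = PCR_RESET
    log = []
    for name, image in components:
        m = DIGEST(image).digest()
        log.append((name, m))
        pcr = extend(pcr, m)
    return pcr, log


def replay(log):
    """Recompute the PCR value that an event log claims to describe."""
    pcr = PCR_RESET
    for _, m in log:
        pcr = extend(pcr, m)
    return pcr


def make_quote(aik_secret: bytes, nonce: bytes, pcr: bytes) -> bytes:
    """Stand-in for a TPM quote: binds the verifier's nonce to the PCR value
    under the identity key, so the host OS can neither replay nor forge it."""
    return hmac.new(aik_secret, nonce + pcr, DIGEST).digest()


def appraise(quote, nonce, log, aik_secret, known_good):
    """Verifier side. Returns (ok, reason). Checks, in order:
    1. the quote is fresh and genuine (our nonce, the expected identity key),
    2. the event log replays to the quoted PCR value,
    3. every logged measurement is the known-good value for that stage."""
    pcr = replay(log)
    if not hmac.compare_digest(quote, make_quote(aik_secret, nonce, pcr)):
        return False, "quote does not match nonce and replayed PCR"
    for name, m in log:
        if known_good.get(name) != m:
            return False, f"unexpected measurement for {name}"
    return True, "ok"


def demo():
    """Run one honest boot and three failure modes; returns the verdicts."""
    good = [("bios", b"firmware v1"), ("bootloader", b"grub image"),
            ("kernel", b"vmlinuz")]
    known_good = {name: DIGEST(image).digest() for name, image in good}
    aik = b"constructed AIK secret"
    nonce = os.urandom(16)

    pcr, log = measured_boot(good)
    q = make_quote(aik, nonce, pcr)
    verdicts = {"honest": appraise(q, nonce, log, aik, known_good)[0]}

    # Kernel modified on disk: the log is truthful, so the quote verifies, but
    # the kernel's measurement is not on the known-good list.
    bad = good[:2] + [("kernel", b"vmlinuz with unexpected changes")]
    bad_pcr, bad_log = measured_boot(bad)
    bad_q = make_quote(aik, nonce, bad_pcr)
    verdicts["tampered_kernel"] = appraise(bad_q, nonce, bad_log, aik, known_good)[0]

    # Host presents the known-good log with the modified boot's quote: the log
    # replays to a different PCR, so the quote no longer matches.
    verdicts["forged_log"] = appraise(bad_q, nonce, log, aik, known_good)[0]

    # An old quote presented against a fresh nonce.
    verdicts["replayed_quote"] = appraise(q, os.urandom(16), log, aik, known_good)[0]
    return verdicts


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:16s} {'accepted' if ok else 'rejected'}")
```

The same three checks carry over to a real quote: verify the signature under the certified AIK, replay the log against the quoted PCRs, then compare each measurement with a policy of known-good values.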

Chapter1 Introduction

1.1Aboutthisbook

Oneofthemajorproblemswithtrustedcomputingadoptionhasbeenalackofgood introductoryinformation.Peoplewonderingwhatthistechnologyis,whytheyshould careaboutit,orhowtheyshouldgetstartedusingithavegenerallynothadverymany resourcestoturnto.Inthisbook,Iwillbeginwiththemostbasicquestionsofwhatthe technologyis;talkaboutwhenthistechnologyismostuseful(and,equallyimportant, whenit’snot);andthenstartintroducingthetechnicaldetailsofwhyandhowtouse thetechnology.Ifyou’restillatthestageofwonderingifthistechnologyisrelevant toyou,startwiththefirstcoupleofchapters;there’senoughcomplexityherethata classicengineer’s‘jumpinfeetfirst’approachisinefficient.Ifyou’refamiliarwith thebasicsoftrustedcomputingtechnologyalready,Chapters4andupwillprovide youwithusefulreferencematerial,butyoumayalsofindnewideasforhowtrusted computingcanbeappliedinyourenvironmentinChapter2.

Thisbookisintendedforatechnicalaudience,butnotonewithanyparticular familiaritywithtrustedcomputing,hardware,orsecurityconcepts.Ifyouneeda refresheronorintroductiontothebasiccryptographicvocabularyusedinthisbook, seeAppendixA.

Whilethisbookdoescontainexamplecodedemonstratinghowtousethefunctionalitydescribed,itisnotintendedtobeacomprehensivereferenceforprogramming fortheTrustedPlatformModule(TPM).Instead,Iprovidebackgroundinformation andexampleswhichshouldallowthosewithsomecodingexperiencetousefreely availableresources(primarilyintheformofrelevantspecifications)toimplement whateverTPM-basedfunctionalitytheyneed.Similarly,myprimarygoalforthis bookistoteachsystemdesignerswhattheTPMcandoandwhattheymightwant touseitfor,andprovidealltheinformationyou’llneedtolookupthedetailsfor yourownprojects.Acomprehensivebookcontainingeverythinganyonecouldever possiblyneedwouldrapidlyturnintoanunusabletome,soI’maiminginsteadto provideyouwitheverythingyou’llneedtoworkindependently.

1.1.1Theenterpriseapproach

Whiletherearesomegoodusecasesfortrustedcomputingatanindividuallevel, mostlyinvolvingprotectionofsensitivedata,manyofthemostpowerfultrusted computingusecasesneedalargeinfrastructuretobemosteffective.Alloftheuse

Trustedplatformmodules:why,whenandhowtousethem casesformachineauthenticationandattestation,forexample,requirethattherebea mechanismforonemachinetorecognizethekeysbelongingtoanother;alargepublic keyinfrastructure(PKI)makesthisfeasibleandscalable,butfewindividualsandno existingtrustedthirdpartieswanttobotherwiththeoverheadrequired.Additionally, largeenterprises–betheycompanies,governmentagencies,orotherorganizations–arefarmorelikelythanmostindividualstoneedtotrackmachineidentityandstate overanetwork.Therefore,thisbookhasbeenwrittenwithafocusonenterpriseuse casesandsupportinfrastructure.

Ofcourse,thisisn’ttosaythatthebookcan’tbeusefulifyou’renotinanenterprise InformationTechnology(IT)department.Whetheryou’reastudent,ahobbyist,ora professional,thisbookshouldgiveyouasolidgroundinginwhatTPMsarecapable of,whatthey’regoodfor,andwhatthey’renot.Justkeepinmindwhileyou’rereading thatifyou’renotworkinginanenterprisecontext,youmayhavetothinkalittlebeyond theprintedusecasestoseehowtheyapplytoyourownscenarios.

1.1.2Userstories

Throughoutthisbook,Iwillpresentshortuserstoriesfeaturingfictionalcharacters, intendedtoillustratebothavarietyofusecasesforthistechnologyandthesortsof decisionsthatmightleadtochoosingoneapproachoveranother.Theseexampleswill befarfromcomprehensive;afterall,partofthegoalofthisbookisforyoutogain anunderstandingofhowthistechnologymightapplyinyourownsituation.Instead, theyaremeanttoillustratetheconceptspresentedineachchapterinapractical setting,andhopefullyencourageyoutothinkhowyourowndecisionsmightbe similarordifferentfromthosemadebyAlice,BobandtheircolleaguesatExample, Incorporated.

1.2Whatistrustedcomputing?

‘Trustedcomputing’isanumbrellaterm,withalmostasmanydefinitionsasthere arepeopletalkingaboutit.Thedefinitionwe’lluseinthisbookisamoreformalized versionofthewaytheTrustedComputingGroup(TCG)(seeSection1.2.3)uses theterm:

Trustedcomputingreferstocomputingsystemswhichusehardwaretoprovidesecurity supporttosoftwareandtocreatesystemswithmorepredictablebehaviour.

Thiscoversawiderangeofsystems.Technologieswhichfallunderthetrusted computingumbrellainclude:

TrustedPlatformModules: Thefocusofthisbook,TPMsarechips,usually attachedtoadevice’smotherboard,whichprovideassortedcryptographic functions.I’llbeprovidingmuchmoredetaillater.

Self-encryptingDrives: Fasthardware-supportedcryptographicdataprotection, builtintoaharddrive.

2

SecureCPUModes: TheseincludeIntel’sTXTandSGX,aswellasAMD’sSVM, andprovidefunctionalitysuchassoftwaremeasurement,codesignaturechecking,andsecureexecution,allinaremotelyverifiablefashion.

TrustedNetworkConnect: Asuiteofnetworkingprotocolscapableofintegrating informationfromplatform-leveltrustedcomputingintonetworkaccessdecisionmaking,butwhichcanalsobeusedwithoutanysecurehardware.

MultilevelComputing: Inthegovernmentworld,differentclassificationlevelsof informationmustbekeptcarefullysegregated,oftenondistinctmachinesornetworks.Multilevelcomputingsystemscombinehardwareandsoftwaretocreate atrustworthywholecapableofsecurelyhandlinginformationatmultiple,highly separated,classificationlevelssimultaneously.

YoumaynoticethatI’veincludedherebothhardwarecomponentsandthesystemswhichusethathardware.That’sbecausethevariousdefinitionsof‘trusted computing’varysowidely.However,it’sverycommontosee‘trustedcomputing’ usedasanalternativetermforTPMsandsystemswhichusethem.

WhydoIintroduceadefinitionthat’ssoveryhardtopindown?Idoitsimplyto familiarizeyouwithatermyou’llencounterofteninthisfield,usedbypeoplewho maynotagreewitheachother.Youmaynotalwaysknowexactlywhatitmeans,but atleastyou’llknowtodiginalittlefurtherandfindoutwhat’sactuallybehinditin aparticularinstance.Andifavendortriestosellyousomethingthatuses‘trusted computing’withoutprovidingdetails,thatcanbeawarningsignthattheydon’t understandthetechnologywellenoughtobuildausefulproduct.1

1.2.1Whatdowemeanby‘trusted’?

Toalayperson,‘trusted’usuallymeanssomethingcloseto‘good’.Trustedcomputing terminologyemploysthewordslightlydifferently.AccordingtotheTCG(moreon themshortly)andresearchersinthisarea:

Atrustedcomponentisonewhichispredictable.

Whydoweusepredictable,ratherthangood,asourbaseline?Onthefaceof it,thisseemsnonsensical.Aviruscanbeatrustedcomponentaccordingtothis definition,ifIknowwhatitsattackpatternisandwhatfilesitwillcorrupt.AwellknowncommercialOSmaynotbe,despiteareputablemanufacturerandgoodcoding practices,ifitsbehaviourissocomplexthatIcan’tdeterminewhatitmaydoinany givensituation.

The reason we take this approach is twofold. First, anything that is predictable is much easier to evaluate. Either I can predict a component's behavior in response to certain stimuli, or I can't; and if I can, I can make useful judgments about its performance. Secondly, it's universal. 'Good' means something very different on a power station control panel (where the requirement of remaining in operation no matter what is critical) from what it does in a high-security government workstation (where it may be better that the system becomes inoperable than to have it leak secrets) and again from what it means on a home computer. Predictability, on the other hand, doesn't change, whatever the situation.

¹ For example, I've seen vendors try to claim that their product should have the 'trusted' label because it contained a TPM… which had never even been turned on, and was not being used in any way.

Furthermore, this predictability-based definition of 'trust' is very powerful, because it lets us build a more colloquial version of 'trust' on top of it. If I can predict that this virus will behave badly, then I can take appropriate action, such as not executing it. Different system owners can use the same trusted system information and take the actions that reflect their own needs.

That said, the level of predictability today's systems give us is primitive. For the computer science readers, no one in the field is claiming to have solved the halting problem. Instead, we're using reasonable approximations: if we can identify a component, then we can evaluate it in other contexts, and decide whether it's suitable for our purposes. Most trusted computing technologies are designed, in the end, either to allow a component to be identified, or to identify other related components, or both.

1.2.2 A brief history of trusted computing

For a long time, the only entities interested in trusted computing were governments, who invested in custom-built systems and software for their high-security needs. The Orange Book is a famous set of government guidelines from the mid-1980s for evaluating trusted computer systems; it and others from the Rainbow Book series on trusted systems, published by the US Department of Defense, are now available online for the curious.

In the early 2000s, the Trusted Computing Platform Alliance (TCPA) was formed, as a joint effort by several major consumer technology companies. The TCPA's goals were diverse and sometimes contradictory, including both increasing consumer trust in home computing systems for purposes such as banking and financial applications and increasing copyright-holders' trust in consumer systems for digital rights management (DRM), as well as generally improving computer security for home and enterprise systems. It drew up the first designs for what would eventually become TPMs. The TCPA was replaced by the TCG in 2003.

1.2.3 The Trusted Computing Group

The TCG, an industry consortium featuring contributors from around the world, seeks to provide standards for trusted computing technologies and to increase the use of trusted computing. The technologies covered by the TCG are quite diverse, ranging from self-encrypting drives and networking protocols to trusted cloud architectures and speciality embedded systems. By producing common standards with contributions from manufacturers and consumers of these technologies, the TCG seeks to make adoption easy at all levels, and thus improve the security of commercial computing infrastructure. By making the standards open and vendor-neutral, the TCG hopes to both lower the barrier to entry and reduce some of the fears of vendor lock-in and anticonsumer conspiracies that dogged the early TCPA efforts.


Companies that wish to contribute to trusted computing standards or get early access to the works in progress can join the TCG. Although full membership (and a vote) costs money, they also accept some non-voting (and non-paying) contributors, who participate in standards development.

The TCG's website, with all of their publications (including released standards, draft standards out for public review and comment, and a variety of supplementary materials) as well as contact information for those who wish to get involved, is http://www.trustedcomputinggroup.org.

1.3 TPMs at a high level

Trusted Platform Modules, or TPMs, are small, inexpensive chips which provide a limited set of security functions. They are most commonly found as a motherboard component on laptops and desktops aimed at the corporate or government markets, but can also be found on many consumer-grade machines and servers, or can be purchased as independent components. Their role is to serve as a Root of Trust — a highly trusted component from which we can bootstrap trust in other parts of our system. TPMs can be used to bootstrap trust: in secrets, particularly cryptographic keys; in a platform's identity; and, when combined with related technologies, called Roots of Trust for Measurement, in a system's software state.

TPMs provide the following features, which we'll be discussing in more detail throughout this book:

● A Root of Trust for Reporting

● A Root of Trust for Storage

● Limited internal storage
  – Platform Configuration Registers (PCRs)
  – Key storage
  – Data storage

● Random number generation (RNG)

● Highly constrained cryptographic functions

Figure 1.1 shows a high-level diagram of the TPM subcomponents which support these features, although individual implementations vary.

1.3.1 Roots of Trust

You may notice that we've now encountered the phrase 'Roots of Trust' quite a few times. So, what are they?

Roots of trust are just that: roots, the pieces at the very bottom of the system. These are the components on which all other trust is based, and which themselves are trusted inherently (Figure 1.1). An important aspect of a root of trust is that it is fundamentally unverifiable; after all, if I have a proposed root of trust, and another component which I'm using to verify it, then that second component is really the root of trust, and the originally proposed root is above² it in the trust hierarchy.

Figure 1.1 A high-level illustration of a TPM's component parts (diagram boxes: Execution engine (processor), Cryptographic coprocessor, Nonvolatile memory, Volatile memory, Random number generator)

Now, this inherent trust can (and should!) be based on out-of-band assumptions. I may not be able to verify that this chip is actually correct, but I can (hopefully) verify that it came from a reliable vendor, which I can reasonably assume means that it was built according to a standard which I can evaluate. But it's important to remember that that chain of logic is built on a set of assumptions: that the chip really came from the vendor I think it came from, that the vendor really did implement the standard, that there aren't any bugs in the implementation or weaknesses in the standard, and so forth; and to remember that if this chip we are identifying as a root of trust has a problem, we're going to have problems trusting anything built on top of it. This is one reason that enterprises with very strict security needs should pay careful attention to their supply chain when purchasing root of trust components; if your roots are good, you'll have a good chance of noticing problems above them, but if your root is compromised, the rest of the system can't be trusted.

Another important point is that trust is not generic! I trust my electrician to repair the wires in my house, but not to access my bank account; I trust my bank to keep my money secure, but not to keep my house from burning down. Similarly, I trust my TPM to keep my keys secure, but not to keep my antivirus up to date. Therefore, whenever we talk about a root of trust, we need to specify what kind of trust we're talking about. In PCs, we commonly run into the following roots of trust:

● Root of Trust for Storage (RTS): A component that protects secrets. Responsible for maintaining both secrecy and integrity of those secrets. Some trusted systems break this down into separate roots for confidentiality and integrity.

● Root of Trust for Reporting (RTR): A component that provides accurate reporting on data stored inside it. In the PC context, this more specifically applies to accurate reporting of stored system state data. Note that the RTR is not responsible for creating the data, just for honestly informing the rest of the world about the data's content.

² Because of the root metaphor, trust hierarchies are sometimes presented in the opposite orientation to other hierarchies, where 'below' is usually indicative of less power.

● Root of Trust for Measurement (RTM): A component that measures other software and stores those measurements in a secure location. In the PC context, the RTM is normally part of the boot process – see Section 9.1.1 for details – which stores measurements in the TPM.

Other trusted computing systems, which I won't be discussing in this book, but which you may encounter if you're working with phones, cars, or in other non-PC scenarios, may contain different roots of trust, such as:

● Root of Trust for Verification: A component that verifies an integrity measurement against a policy. Normally found in systems such as some embedded or mobile devices, where the device manufacturer also defines some approved software.

● Root of Trust for Update: A component that verifies the legitimacy of an update, usually by checking an authorized signature. Most commonly used for firmware updates.

1.3.2 Chains of trust

Merely trusting our lowest-level components isn't sufficient for real-world use, where we often need to establish trust in a wide range of software, keys, and other data. Chains of trust allow us to bootstrap from the low-level root of trust to a higher-level trusted object, by using our trust in the root to establish trust in secondary objects, and then our trust in the secondary objects to establish trust in tertiary objects, and so forth.

The chains of trust that we'll be referring to most frequently in this book are measurement chains of trust (Figure 1.2) (sometimes called boot chains of trust because they're triggered most frequently during system boot), which let us bootstrap from the Root of Trust for Measurement (RTM) to measurements of higher-level software; and storage chains of trust (Figure 1.3), which let us bootstrap from the Root of Trust for Storage (RTS) to trust in the security of other data and keys. We'll cover measurement chains of trust in much more detail in Chapter 9, and storage chains of trust in Chapter 6.
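The measurement chain of trust described above, worked through as an added example (this is editor-supplied code, not from the book or any TPM software): each link hashes the next component and extends the result into a PCR, and a verifier replays a list of digests it trusts to decide whether the chain it is told about is the chain it expected. The boot log contents are constructed stand-ins; the hash algorithm is a parameter because 1.2 TPMs use SHA-1 while 2.0 TPMs add a SHA-256 bank (see Section 1.3.6).

```python
import hashlib

# Constructed sample boot log for the chain of Figure 1.2: the root of trust for
# measurement measures component A, and A measures component B. Real event logs
# hold digests of firmware and boot loaders; these byte strings are stand-ins.
GOOD_BOOT_LOG = [
    ("component A", b"constructed image bytes for component A v1"),
    ("component B", b"constructed image bytes for component B v1"),
]


def initial_pcr(algorithm):
    """A PCR starts as all-zero bytes, sized to the bank's digest length
    (SHA-1 on 1.2 TPMs, SHA-256 on the additional 2.0 bank)."""
    return bytes(hashlib.new(algorithm).digest_size)


def extend(pcr, measurement, algorithm):
    """PCR extend: new value = H(old value || measurement). Data can only be
    folded in; no ordinary command sets the register to a chosen value, which
    is what makes the record hard to forge."""
    return hashlib.new(algorithm, pcr + measurement).digest()


def measure(image, algorithm):
    """Each link hashes the next component before launching it."""
    return hashlib.new(algorithm, image).digest()


def boot(event_log, algorithm="sha1"):
    """Run the measure-then-launch chain and return the final PCR value."""
    pcr = initial_pcr(algorithm)
    for _name, image in event_log:
        pcr = extend(pcr, measure(image, algorithm), algorithm)
    return pcr


def expected_pcr(trusted_digests, algorithm="sha1"):
    """Verifier side: fold the digests it trusts, in order, into the PCR it expects."""
    pcr = initial_pcr(algorithm)
    for digest in trusted_digests:
        pcr = extend(pcr, digest, algorithm)
    return pcr


def first_untrusted(event_log, trusted_digests, algorithm="sha1"):
    """Compare the reported log with the trusted list link by link and name the
    first component that does not match, or None if the whole chain checks out.
    A PCR mismatch alone only says that something changed; the log says where."""
    for (name, image), good in zip(event_log, trusted_digests):
        if measure(image, algorithm) != good:
            return name
    return None
```

Because extend chains the old value into the new one, the same two components measured in the other order give a different PCR, so the verifier learns not just which software ran but also the sequence in which it ran.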

1.3.3 The TPM threat model

The primary threat TPMs are intended to protect against is software-based attacks aimed to steal information, such as keys, or to modify the system without the user's consent. TPMs also provide some protection against simple hardware attacks; being inexpensive consumer chips, they are not designed to defend against a sophisticated attacker, but the built-in tamper resistance provides some protection against casual thieves.

TPMs also provide some protection against well-meaning but inexpert users and developers. The TPM's cryptographic functions are dramatically more constrained than would be necessary if it functioned merely as a cryptographic coprocessor, running encryption and decryption operations on command. The TPM's sometimes very complex limitations on the use of keys or commands act as safeguards against potentially dangerous actions. For example, the limitations in 1.2 TPMs against the same key being used for both signing and decryption operations directly prevent an entire class of attacks which can result in unintentionally signed data, accidentally decrypted secrets, or the loss of key material. Without those constraints, it would be easy for an uninformed user or software bug to take actions with very severe unnoticed and unintended consequences. It is important to note, however, that many actions which would be limited in an ideal perfect-security world are essential for the smooth operation of real-world systems. TPMs therefore have plenty of compromises in their design; places where they will allow common (but dangerous) operations, or where they will inconveniently prevent such an operation even if that makes compatibility difficult. Some of the biggest differences in TPM versions (see Section 1.3.6) result from changing opinions about which compromises are necessary.

Figure 1.2 An abstract measurement chain of trust (diagram boxes: Root of trust for measurement, Trusted component A, Trusted component B, linked by alternating Measure and Launch arrows). Each component in the chain measures the next component before handing off control to it, placing those measurements into the TPM. We can trust the measurement of component A because we trust the root. If the measurement of component A corresponds to a piece of software we trust, we can then trust the measurement of component B, and so on until all trusted components have been measured and launched. The TPM provides us with a safe place to store these measurements

Figure 1.3 A 1.2 storage chain of trust (diagram boxes: Storage root key, Storage key, Signing key, Identity key, Signing key, Storage key). The Storage Root Key encrypts the secret data of several other keys, including another storage key. That storage key, in turn, can be used to encrypt the secret data of more keys. Our trust in the security of all of the keys relies, in the end, on our trust in the Storage Root Key

1.3.4 What TPMs are good for

Protecting Cryptographic Keys: The keys a TPM creates are either stored inside the TPM, in its internal protected storage, or encrypted with other protected keys for secure storage outside the TPM. These keys never exist unencrypted outside the TPM, and are thus protected from software-based theft of the key material.

Protected Cryptographic Functions: TPMs can perform both generic and specialized cryptographic functions internally, ensuring that key material is safe even during use.

Protected State Registers: TPMs can be used to track system state and other data recorded by software, in registers that are easy to add data to but very difficult to forge. In combination with TPM-aware software, these can be used to create verifiable records of software on the system.

Trustworthy Reporting: The TPM has several functions that allow a remote party to verify parts of the TPM's internal state, including keys and register contents. Used in combination with external state reporting tools, this can be used for remote attestation of the system's state.

Cheap Tamper Resistance: TPMs aren't designed for protecting high-security data against expert attackers, but they do provide hardware-level protection more than adequate for defence against casual thieves, for a very low cost.

Through the course of this book, we'll talk about how these simple advantages can be turned into powerful real-world functionality. TPMs can be used to identify machines, protect data from theft, and allow verification of a machine's software. They are very powerful building blocks for inexpensive system security today.

1.3.5 What TPMs aren't good for

Fast, frequent cryptography: Commercial TPMs are built to be inexpensive, not fast. Don't try using them for operations requiring high speed and volume, such as packet encryption.


System monitoring: While TPMs can be used to support system-monitoring software and provide reliable cryptography for reporting on the results of such monitoring, a TPM does not perform any monitoring itself. All system measurements are provided by external components. (See Section 9.1.1.) The external components available today are primarily useful for boot-time state verification, rather than runtime system monitoring.

Bulk Encryption: This is particularly true for 1.2 TPMs (see Section 1.3.6), which, in addition to being small and inexpensive chips, do not support the symmetric encryption algorithms that are best for large-scale encryption.

System control: TPMs have no ability to control the system they're installed in; they cannot prevent bad software from booting, shut down a system if malware is detected, or otherwise change the state of software. They are entirely passive devices.

1.3.6 TPM versions

There are three versions of PC TPMs that you may see references to. The version numbers here refer to the version of the TPM specification implemented.

● 1.1 TPMs were the first onto the market. Rare even at the time, these were replaced by the new version in the mid-2000s; you're unlikely ever to encounter one unless you're using some rather unusual and now-obsolete hardware. We won't be covering them in this book, although many of the same principles apply.

● 1.2 TPMs are very common; as of the end of 2015, almost all commercially available TPMs are 1.2 TPMs. They use RSA for encryption and signatures, and SHA1 for hashes. Their functionality is highly constrained, to make safe usage of keys, data, and cryptography more likely, and because the older technology could not support a multitude of features at the desired cost point. Software for using 1.2 TPMs exists on Windows and Linux platforms. (Apple devices do not have TPMs as of the end of 2015.)

● 2.0 TPMs arrived on the market in late 2014, although as of the end of 2015 they were still being sold primarily to platform manufacturers rather than consumers. 2.0 TPMs support both the older RSA and SHA1 algorithms and the newer elliptic curve cryptography (ECC) and SHA256 hashing; in addition, they now support symmetric cryptography, which was previously not included owing to cryptographic export regulations. 2.0 TPMs are more compliant with external standards such as X.509, are highly configurable, and support extremely powerful and flexible authentication mechanisms, but a higher level of skill is required to use them safely. As of the end of 2015, there is only a small amount of software support for 2.0 TPMs, although Application Program Interfaces (APIs) have been released.

● Some TPMs are 1.2/2.0 TPMs, and can be used in either a 1.2 or a 2.0 mode, although they may have reduced 1.2 command sets. These chips are designed to be compatible with today's 1.2-focused infrastructures, while providing future proofing against a day when the 1.2 algorithms are no longer considered secure, or when enough 2.0-compatible TPMs have entered the market for enterprises to
