Quick Tutorial on TPM 2.0
A Practical Guide to TPM 2.0
Chapters (Arthur, Will et al.): Navigating the Specification; Execution Environment; Hierarchies; Keys; Authorizations and Sessions; Key Management; Context Management; Debugging. Springer Professional.

Chapter 1. History of the TPM (abstract). Even though more than 1 billion TPMs are deployed in the market, and they exist on almost all commercial PCs and servers, very few people know about them. And many people who do know about TPMs are surprised to discover that many applications are written for them. There are also a large number of ways to easily write applications that take advantage of TPM 1. Because TPM 2. The purpose of this book is to enable you to write programs that take advantage of all the features of TPM 2.0.
This book is primarily about TPM 2.0. A good understanding of this topic will enable you to understand subsequent code examples in this book. A TPM 2. The term encompasses more than objects because the specification uses the word object to identify a very specific subset of entities. This can be confusing, so this chapter briefly describes all of the entity types: permanent entities (hierarchies, the dictionary attack lockout mechanism, and PCRs); nonvolatile entities (NVRAM indexes), which are similar to permanent entities; objects (keys and data); and volatile entities (sessions of various types).
A hierarchy is a collection of entities that are related and managed as a group. However, this different boot configuration and software would change the PCR values. Because these new PCRs would not match the sealed values, the TPM would not release the decryption key, and the hard drive could not be decrypted. This is exactly the use case I happen to want.
It's also the use case that Microsoft uses the TPM for. How do I do it!? So I read that entire book, and it provided nothing useful. Which is quite impressive because it's pages. You wonder what the book contained - and looking back on it, I have no idea.
So we give up on the definitive guide to programming the TPM, and turn instead to some documentation from Microsoft. It mentions exactly what I want to do:
The EK is designed to provide a reliable cryptographic identifier for the platform. An enterprise might maintain a database of the Endorsement Keys belonging to the TPMs of all of the PCs in their enterprise, or a data center fabric controller might have a database of the TPMs in all of the blades. That key is locked away in there - never to be seen by the outside world. I want the TPM to sign something with its private key, i.e. encrypt something with your private key. I'm not even yet asking for the more complicated stuff. I am asking for the most basic operation a TPM can do.
Why is it impossible to get any information about how to do it? The most basic thing the TPM can be asked to do is give me random bytes. That I have figured out how to do. I realize the volume of people using the TPM is very low. That is why nobody on Stackoverflow has an answer. So I can't really get too greedy in getting a solution to my common problem. But the thing I'd really want to do is to "seal" some data. Both TPM1.
It's roughly equivalent to everyone owning a car, but nobody knows how to start one. It can do really useful and cool things, if only we could get past Step 1. All that follows is about TPM 1. Keep in mind that Microsoft requires a TPM 2.0. The 2. There is no one-line solution because of TPM design principles. Think of the TPM as a microcontroller with limited resources. Its main design goal was to be cheap, while still secure. So the TPM was stripped of all logic which was not necessary for a secure operation.
Thus a TPM is only working when you have at least some more or less fat software, issuing a lot of commands in the correct order. And those sequences of commands may get very complex. However, you can intercept the issued commands and look at the responses, thus learning how they are assembled and how they correspond to the command specification. Most of the TPM commands you need are authorized ones. Therefore you need to establish authorization sessions where needed.
Kenneth A Goldman - IBM
Currently I can't run a debug version, so I can't provide you with the exact sequence. So consider this an unordered list of commands you will have to use.

Trusted and Encrypted Keys are two new key types added to the existing kernel key ring service. Both of these new types are variable length symmetric keys, and in both cases all keys are created in the kernel, and user space sees, stores, and loads only encrypted blobs.
All user level blobs are displayed and loaded in hex ascii for convenience, and are integrity verified.
Trusted Keys use a TPM both to generate and to seal the keys. A loaded Trusted Key can be updated with new future PCR values, so keys are easily migrated to new PCR values, such as when the kernel and initramfs are updated. The same key can have many saved blobs under different PCR values, so multiple boots are easily supported. By default, trusted keys are sealed under the SRK, which has the default authorization value (20 zeros).
The key length for new keys is always in bytes. The 'master' key can either be a trusted-key or user-key type. The main disadvantage of encrypted keys is that if they are not rooted in a trusted key, they are only as secure as the user key encrypting them. The master user key should therefore be loaded in as secure a way as possible, preferably early in boot. The decrypted portion of encrypted keys can contain either a simple symmetric key or a more complex structure.
The format of the more complex structure is application specific, which is identified by 'format'. The initial consumer of trusted keys is EVM, which at boot time needs a high quality symmetric key for HMAC protection of file metadata. The use of a trusted key provides strong guarantees that the EVM key has not been compromised by a user level problem, and when sealed to specific boot PCR values, protects against boot and offline attacks. Create and save an encrypted key "evm" using the above trusted key "kmk".
Other uses for trusted and encrypted keys, such as for disk and file encryption are anticipated. In particular the new format 'ecryptfs' has been defined in order to use encrypted keys to mount an eCryptfs filesystem.
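The PCR-sealing behaviour described in the book excerpt earlier (a changed boot chain means the TPM refuses to unseal) and the key chain just described (a trusted key "kmk" sealed to boot PCRs, an encrypted key "evm" wrapped under it, user space seeing only integrity-checked hex blobs), modelled as an added Python example that is not code from the kernel, the book or the blog. The HMAC-SHA256 keystream, the SRK stand-in, the blob layout and the boot event names are constructed assumptions standing in for the real AES, TPM sealing and kernel formats.

```python
import hashlib
import hmac
import os

def pcr_extend(pcr, event):
    # TPM 2.0 PCR extend: PCR_new = SHA-256(PCR_old || SHA-256(event)); PCRs reset to zeros.
    return hashlib.sha256(pcr + hashlib.sha256(event).digest()).digest()

def measure_boot(events, pcr=bytes(32)):
    for e in events:
        pcr = pcr_extend(pcr, e)
    return pcr

def wrap_key(kek, binding, secret):
    # Encrypt-then-MAC with an HMAC-SHA256 keystream (constructed stand-in for the kernel's
    # AES / the TPM's sealing). Unwraps only if kek and binding (e.g. the PCR) match exactly.
    nonce = os.urandom(16)
    ks = hmac.new(kek, b"enc" + nonce + binding, hashlib.sha256).digest()
    ct = bytes(a ^ b for a, b in zip(secret, ks))
    tag = hmac.new(kek, b"mac" + nonce + binding + ct, hashlib.sha256).digest()
    return (nonce + ct + tag).hex()  # user space only ever sees this hex-ascii blob

def unwrap_key(kek, binding, blob_hex):
    raw = bytes.fromhex(blob_hex)
    nonce, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    want = hmac.new(kek, b"mac" + nonce + binding + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(want, tag):
        return None  # integrity check failed: tampered blob, wrong PCRs or wrong master key
    ks = hmac.new(kek, b"enc" + nonce + binding, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(ct, ks))

SRK = b"constructed stand-in for the TPM storage root key; it never leaves the TPM"

def trusted_key_new(pcr):
    # Models 'keyctl add trusted kmk "new 32" @u': the key is generated in the kernel,
    # sealed to the current PCR value, and only the sealed blob reaches user space.
    key = os.urandom(32)
    return key, wrap_key(SRK, pcr, key)

GOOD_BOOT = [b"firmware 1.0", b"bootloader 2.1", b"kernel 6.1 signed"]   # constructed events
BAD_BOOT = [b"firmware 1.0", b"bootloader 2.1", b"kernel unsigned"]

def demo():
    good_pcr = measure_boot(GOOD_BOOT)
    kmk, kmk_blob = trusted_key_new(good_pcr)          # trusted key "kmk"
    evm = os.urandom(32)                                # encrypted key "evm" ...
    evm_blob = wrap_key(kmk, b"encrypted", evm)         # ... wrapped under master key kmk
    return (unwrap_key(SRK, good_pcr, kmk_blob) == kmk,                  # same boot: unseals
            unwrap_key(SRK, measure_boot(BAD_BOOT), kmk_blob) is None,   # changed boot: refused
            unwrap_key(kmk, b"encrypted", evm_blob) == evm)              # evm loads under kmk
```

`demo()` returns `(True, True, True)`; a blob whose hex is altered by even one character fails the integrity check and yields `None`.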