Enabling Key Migration Between Non-compatible TPM Versions

Authors

  • Linus Karlsson
  • Martin Hell
Abstract

We consider the problem of migrating keys from TPM 1.2 to the backwards incompatible TPM 2.0. The major differences between the two versions introduce several challenges for deployed systems when support for TPM 2.0 is introduced. We show how TPM 2.0 support can be introduced while still maintaining the functionality specified by TPM 1.2, allowing a smoother transition to the newer version. Specifically, we propose a solution such that keys can be migrated from TPM 1.2 to TPM 2.0, while retaining behavior with regard to e.g. authorization, migration secrets, PCR values and CMK functionality. This is achieved by utilizing new functionality, such as policies, in TPM 2.0. The proposed solution is implemented and verified using TPM emulators to ensure correctness.


Similar resources

Mutual Remote Attestation: Enabling System Cloning for TPM Based Platforms

We describe a concept of mutual remote attestation for two identically configured trusted (TPM based) systems. We provide a cryptographic protocol to achieve the goal of deriving a common session key for two systems that have verified each other to be a clone of themselves. The mutual attestation can be applied to backup procedures without providing data access to administrators, i. e. one trus...


Property-Based TPM Virtualization

Today, virtualization technologies and hypervisors celebrate their rediscovery. Especially migration of virtual machines (VMs) between hardware platforms provides a useful and cost-effective means to manage complex IT infrastructures. A challenge in this context is the virtualization of hardware security modules like the Trusted Platform Module (TPM) since the intended purpose of TPMs is to secu...


HP ProtectTools Firmware security features in HP Compaq business notebooks

Pre-boot authentication on HP Compaq business notebooks; Power-on password authentication overview; Enabling power-on password; Sm...


Interaction of topiramate with carbamazepine: two case reports and a review of clinical experience

We describe a possible clinical interaction between topiramate (TPM) and carbamazepine modified release (CBZ-MR) in patients taking maximum tolerated doses of carbamazepine. Data are presented on 25 patients who contacted the epilepsy nurse specialist telephone helpline for advice after starting treatment with TPM. Thirteen male and 12 female patients, mean age 41 years (range 25-69 years), wit...


A Unified Security Analysis of Two-Phase Key Exchange Protocols in TPM 2.0

The Trusted Platform Module (TPM) version 2.0 provides an authenticated key exchange functionality by a single key exchange primitive, which can be called to implement three key exchange protocols (denoted as two-phase key exchange protocols in TPM 2.0): the Full Unified Model, the MQV, and the SM2 key exchange protocols. However, some vulnerabilities have been found in all of these protocols. ...


Publication date: 2016