Collaborate Disseminate
Let’s assume I have 3 computers, each with its embedded TPM. I also have a pair of asymmetric keys, which I created elsewhere. I want to store & import the same external private key I have created onto the TPM of each of the 3 computer… Continue reading Is it possible to store or import an external private key into a TPM?
I have researched a little bit about TPM, and the way I see it is that it stores the keys securely and erases them if it detects even the slightest hacking attempt.
What I have not found anywhere, though is how can I be sure that the TPM t… Continue reading How do I know my TPM is not tampered with before using it? [duplicate]
If we reboot an OS and want to sign something using TPM. And let’s say we want to secure the boot environment using pcr7 policy crypto key. Is it safe to use non-pcr policy key together with a pcr7 policy key?
More formally:
In the progra… Continue reading Is it safe to use a non-pcr key after verifying some pcr7 key is working find after os start on tpm2.0?
I have learned about attacks where the BitLocker master key can be sniffed on its way from the CPU to the TPM using a logic analyzer. However, in computer configurations without TPMs, this is obviously not possible. Furthermore, as I under… Continue reading Is BitLocker susceptible to any known attacks other than bruteforcing when used with a very strong passphrase and no TPM?
The TPM (Trusted Platform Module) has a feature called dynamic root-of-trust. If i understand correctly a measurement of the current system is taken (to enable attestation) by the CPU and transmitted to the TPM. To make sure that the measu… Continue reading Do microcontroller processors like Arm Cortex-M support the TPM’s Dynamic root of trust (similar to e.g. Intel TXT)?
This is a follow-up of these two questions about using the TPM to store application’s keys. While both have great answers, there is a specific aspect I am missing:
How safe are the keys inside the TPM against another (malicious) app trying… Continue reading How safe are my app’s keys inside the TPM against other apps trying to impersonate mine?
I am not very familiar with TPMs, but from what I can tell their main benefit for the user is to make the system as a whole more secure, if you take the appropriate measures, e.g. by checking the boot process or enabling password-less disk… Continue reading Use of TPM to encrypt data of my application in practice
My setup consists of a QEMU image with u-boot 2024.01 and 6.6 Linux kernel. As a TPM I’m using swtpm. For some reason, if I reboot the device the PCR register values are different in the initial boot than in the subsequent boots.
To elabor… Continue reading TPM PCR values change after the first reboot
Are PUFs used, EVERY time we power on the computer, to verify that nothing have been tampered (by using CRP authentication)?
Which element performs this authentication? (bios, secureboot, I don’t know)?
Where are CRPs stored? In which ele… Continue reading Is EVERY time we power on the computer verified that nothing have been tampered via PUF CRP authentication? By which component? Where are CRPs stored?
Are PUFs used, EVERY time we power on the computer to verify that nothing has been tampered with (by using CRP authentication)?
Which element performs this authentication? (bios, secureboot, I don’t know)?
Where are CRPs stored? In which … Continue reading Is PUF Challenge-Response Authentication applied on every power-up event? [closed]