trusted-computing – Page 8 – WindowsTechs.com

33C3: If You Can’t Trust Your Computer, Who Can You Trust?

Posted on December 30, 2016 by Elliot Williams

It’s a sign of the times: the first day of the 33rd Chaos Communications Congress (33C3) included two talks related to assuring that your own computer wasn’t being turned against you. The two talks are respectively practical and idealistic, realizable today and a work that’s still in the idea stage.

In the first talk, [Trammell Hudson] presented his Heads open-source firmware bootloader and minimal Linux for laptops and servers. The name is a gag: the Tails Linux distribution lets you operate without leaving any trace, while Heads lets you run a system that you can be reasonably sure is secure. …read more

Continue reading 33C3: If You Can’t Trust Your Computer, Who Can You Trust?→

What is known about the capabilities of AMD’s Secure Processor?

Posted on October 13, 2016 by mikkros

I’ve found a fair amount of research about what Intel’s ME does, including the "Intel x86 considered harmful (Chapter 4 is about ME)" survey paper by Joanna Rutkowska, but I’m having a much harder time finding information about A… Continue reading What is known about the capabilities of AMD’s Secure Processor?→

What is known about the capabilities of AMD’s Secure Processor?

Posted on October 13, 2016 by mikkros

I’ve found a fair amount of research about what Intel’s ME does, including the “Intel x86 considered harmful (Chapter 4 is about ME)” survey paper by Joanna Rutkowska, but I’m having a much harder time finding information abo… Continue reading What is known about the capabilities of AMD’s Secure Processor?→

How are TPMs used to detect tampering?

Posted on June 30, 2016 by Melab

I’ve known some stuff about trusted platform modules for over six or seven years. I understand their usage in (un)wrapping keys and storing information in NVRAM which may then be locked permanently or until the next power cycle. And though… Continue reading How are TPMs used to detect tampering?→

What does CRTM refer to?

Posted on June 16, 2016 by Yuan Song

The Definition of CRTM in TCG specification says:

Typically, the RTM is the CPU controlled by the Core Root of Trust for Measurement (CRTM). The CRTM is the first set of instructions executed when a new chain of trust is … Continue reading What does CRTM refer to?→

How are TPMs provisioned for Intel Trusted Execution Environment (TXT)?

Posted on June 15, 2016 by Wilbur Whateley

For Intel TXT to work, the TPM must be provisioned. Intel provides some tools for doing this but many are protected by non-public login or an NDA. Many OEM platform vendors provision their boards and machines at manufacturing time so an e… Continue reading How are TPMs provisioned for Intel Trusted Execution Environment (TXT)?→

Difference between TPM, TEE and SE

Posted on May 9, 2016 by Raoul722

What is the difference between a Secure Element (SE), a Trusted Execution Environment (TEE) and a Trusted Platform Module (TPM)?

I understand that they all refer to an external secure cryptoprocessor, which is designed to store cryptograp… Continue reading Difference between TPM, TEE and SE→

Is TPM ownership required for secure boot or measured boot?

Posted on February 23, 2016 by Wilbur Whateley

I know:

Secure Boot – can use the TPM
Measured Boot – must use the TPM

Can anyone intimately familiar with these processes explain if any TPM owner-authorized commands are required or used in these processes?

Background:
I am using a … Continue reading Is TPM ownership required for secure boot or measured boot?→

In practice, does TPM SRK really be decrypted by EK first, before it decrypt its child keys

Posted on December 9, 2015 by Li Dong

I know that TPM SRK was generated when user take TPM ownership, and it is encrypted by EK public part. All the child keys under SRK need to be loaded into TPM and decrypted by SRK before use. (These are what the books tell us… Continue reading In practice, does TPM SRK really be decrypted by EK first, before it decrypt its child keys→

What, or who, exactly is a Certificate Authority (CA) for TPM attestation?

Posted on December 8, 2015 by Wilbur Whateley

I’m learning about and researching the Trusted Platform Module (TPM) to incorporate into a solution involving remote machines.

As I understand it: all attestation methods (AIK, DAA) still require someone to know your identit… Continue reading What, or who, exactly is a Certificate Authority (CA) for TPM attestation?→