Questions tagged [trusted-computing]

Trusted Platform Module (TPM) and other protocols and components of trust in a computer or computer network

2 votes · 0 answers · 58 views

Confidential Computing - Which enclave can retrieve Provisioning Key? (PvE or PcE)

I am confused about the Provisioning Enclave and Provisioning Certificate Enclave. In the document SGX101 - Interaction between PSE and Application Enclaves, the Provisioning Enclave (PvE) and ...
Latte Xu
1 vote · 0 answers · 39 views

What is the difference between Root of Trust and Trusted Computing Base (TCB)? [duplicate]

RoT: element within a system that is trusted and must always behave as expected because any misbehavior cannot be detected at runtime. It's part of the TCB. TCB: the smallest set of hardware, ...
allexj · 513
0 votes · 0 answers · 101 views

How do I know my TPM is not tampered with before using it? [duplicate]

I have researched a little bit about TPM, and the way I see it is that it stores the keys securely and erases them if it detects even the slightest hacking attempt. What I have not found anywhere, ...
blek__ · 1
1 vote · 1 answer · 238 views

Do microcontroller processors like Arm Cortex-M support the TPM's Dynamic root of trust (similar to e.g. Intel TXT)?

The TPM (Trusted Platform Module) has a feature called dynamic root-of-trust. If I understand correctly, a measurement of the current system is taken (to enable attestation) by the CPU and transmitted ...
user25100341
2 votes · 0 answers · 268 views

How and why can a TPM be used for disk encryption or DRM?

I don't know much about TPMs, and I admittedly don't know as much about cryptography as I'd like to, though I am quite familiar with basic concepts. For the past two hours I've been attempting to ...
Nullcaller
1 vote · 1 answer · 555 views

Why do the TPM PCRs not consider a UEFI settings change? If someone resets CMOS, it's undetected

In my laptop I've set up a BIOS password when I power on the laptop, and once I enter it the laptop starts my Linux distro and decrypts the disk without asking any other password. To do this I've set ...
Allexj · 137
2 votes · 0 answers · 656 views

How to wrap/unwrap with TPM2 endorsement key

I have a remote client A which wants to communicate securely with a server B having a discrete TPM. My understanding is that each TPM normally comes with an endorsement key from the manufacturer, like ...
feplooptest
1 vote · 0 answers · 519 views

Is it possible to see the pubkeys that pair with private keys inside the TPM in Windows?

Is it possible to inspect data (pubkeys, domain names used for webauthn, not private keys) related to private keys stored in the TPM on Windows? I legally own the hardware and have maximum ...
mikemaccana
4 votes · 1 answer · 2k views

How can an application, using Apple's Secure Enclave on macOS or TPM on Windows, protect itself from other applications accessing its private keys?

I'm interested in using Apple's Secure Enclave on macOS or TPM on Windows to protect cryptographic keys used by an application from being accessed by other applications running with the same or higher ...
Pathong · 66
2 votes · 1 answer · 493 views

Are TPM PCRs volatile, non-volatile, or both?

Do PCRs (Platform Configuration Registers) on TPMs (Trusted Platform Modules) retain their data on reboot? I'm trying to find out if all (or some) of the PCRs on a TPM are volatile (will lose their ...
Michael Altfield
1 vote · 0 answers · 179 views

Is there any use case of DAA (Direct Anonymous Attestation) in TPM?

I want to know the use cases of DAA (Direct Anonymous Attestation) in the real world.
user97821
1 vote · 1 answer · 593 views

How to distribute Android mobile app functionality between OS, Trusted Execution Environment (TEE) and Secure Element (SE)?

There are different scenarios when it's about secure computation/storage on mobile devices, e.g., "REE only", "REE + TEE", or "REE + SE" or "REE + TEE + SE". ...
Shakalakah
4 votes · 1 answer · 1k views

Practicality of outsourcing password hashing using enclaves

I've been pondering some potential cybersecurity applications for enclaves. One of them being the problem of password hashing. Some clients have enclave support, meaning part of their CPU can securely ...
Expectator
3 votes · 1 answer · 19k views

Understanding TPM PCRs, PCR banks, indexes and their relations

I'm reading about TPM, and I'm currently thinking how to visualize their relationships. Basically, reading from https://link.springer.com/chapter/10.1007/978-1-4302-6584-9_12 (and the TPM documents) I ...
Veksi · 259
1 vote · 0 answers · 389 views

Hardware roots of trust nowadays

I find that names and terms used in relation to Trusted (Trustworthy, Confidential, ...) Computing are highly interchanged and thus create confusion for laymen such as myself. Trusted Computing has been ...
T. Maxx · 155
