A Practical Guide to TPM 2.0 -

History of the TPM Why a TPM?History of Development of the TPM Specification from 1.1b to 1.2 How TPM 2.0 Developed from TPM 1.2 History of TPM 2.0 Specification Development Summary Basic Security Concepts Cryptographic Attacks Brute Force Calculating the Strength of Algorithms by Type Attacks on the Algorithm Itself Security Definitions Cryptographic Families Secure Hash (or Digest)Hash Extend HMAC: Message Authentication Code KDF: Key Derivation Function Authentication or Authorization Ticket Symmetric-Encryption Key Symmetric-Key Modes Nonce Asymmetric Keys RSA Asymmetric-Key Algorithm RSA for Key Encryption RSA for Digital Signatures ECC Asymmetric-Key Algorithm ECDH Asymmetric-Key Algorithm to Use Elliptic Curves to Pass Keys ECDSA Asymmetric-Key Algorithm to Use Elliptic Curves for Signatures Public Key Certification Summary Quick Tutorial on TPM 2.0 Scenarios for Using TPM 1.2 Identification Encryption Key Storage Random Number Generator NVRAM Storage Platform Configuration Registers Privacy Enablement Scenarios for Using Additional TPM 2.0 Capabilities Algorithm Agility (New in 2.0)Enhanced Authorization (New in 2.0)Quick Key Loading (new in 2.0)Non-Brittle PCRs (New in 2.0)Flexible Management (New in 2.0)Identifying Resources by Name (New in 2.0)Summary Existing Applications That Use TPMs Application Interfaces Used to Talk to TPMs TPM Administration and WMI The Platform Crypto Provider Virtual Smart Card Applications That Use TPMs Applications That Should Use the TPM but Don't Building Applications for TPM 1.2 TSS.Net and TSS.C++Wave Systems Embassy Suite Rocks to Avoid When Developing TPM Applications Microsoft BitLocker IBM File and Folder Encryption New Manageability Solutions in TPM 2.0 Summary Navigating the Specification TPM 2.0 Library Specification: The Parts Some Definitions General Definitions Definitions of the Major Fields of the Command Byte Stream Definitions of the Major Fields of the Response Byte Stream Getting Started in Part 3: the Commands Data Details Common Structure Constructs TPM2B_XXX Structures Structure with Union Canonicalization Endianness : Notation Syntax : Table Decorations Commonly Used Sections of the Specification How to Find Information in the Specification Strategies for Ramping Up on TPM 2.0 Will Ken Dave Other TPM 2.0 Specifications Summary Execution Environment Setting Up the TPM Microsoft Simulator Building the Simulator from Source Code Setting Up a Binary Version of the Simulator Running the Simulator Testing the Simulator Python Script TSS.net System API Test Code Setting Up the Software Stack TSS 2.0 TSS.net Summary TPM Software Stack The Stack: a High-Level View Feature API System API Command Context Allocation Functions Command Preparation Functions Command Execution Functions Simple Code Example System API Test Code TCTI TPM Access Broker (TAB)Resource Manager Device Driver Summary TPM Entities Permanent Entities Persistent Hierarchies Ephemeral Hierarchy Dictionary Attack Lockout Reset Platform Configuration Registers (PCRs)Reserved Handles Password Authorization Session Platform NV Enable Nonvolatile Indexes Objects Nonpersistent Entities Persistent Entities Entity Names Summary Hierarchies Three Persistent Hierarchies Platform Hierarchy Storage Hierarchy Endorsement Hierarchy Privacy Activating a Credential Other Privacy Considerations NULL Hierarchy Cryptographic Primitives Random Number Generator Digest Primitives HMAC Primitives Symmetric Key Primitives Summary Keys Key Commands Key Generator Primary Keys and Seeds Persistence of Keys Key Cache Key Authorization Key Destruction Key Hierarchy Key Types and Attributes Symmetric and Asymmetric Keys Attributes Duplication Attributes Restricted Signing Key Restricted Decryption Key Context Management vs. Loading NULL Hierarchy Certification Keys Unraveled Summary NV Indexes NV Ordinary Index NV Counter Index NV Written NV Index Handle Values NV Names NV Password Separate Commands Summary Platform Configuration Registers PCR Value Number of PCRs PCR Commands PCRs for Authorization PCRs for Attestation PCR Quote in Detail PCR Attributes PCR Authorization and Policy PCR Algorithms Summary Authorizations and Sessions Session-Related Definitions Password, HMAC, and Policy Sessions: What Are They?Session and Authorization: Compared and Contrasted Authorization Roles Command and Response Authorization Area Details Command Authorization Area Command Authorization Structures Response Authorization Structures Password Authorization: The Simplest Authorization Password Authorization Lifecycle Creating a Password Authorized Entity Changing a Password Authorization for an Already Created Entity Using a Password Authorization Code Example: Password Session Starting HMAC and Policy Sessions TPM2_StartAuthSession Command Session Key and HMAC Key Details Guidelines for TPM2_StartAuthSession Handles and Parameters Session Variations Salted vs. Unsalted Bound vs. Unbound Use Cases for Session Variations HMAC and Policy Sessions: Differences HMAC Authorization HMAC Authorization Lifecycle Altering or Creating an Entity That Requires HMAC Authorization Creating an HMAC Session Using an HMAC Session to Authorize a Single Command HMAC and Policy Session Code Example Using an HMAC Session to Send Multiple Commands (Rolling Nonces)HMAC Session Security Policy Authorization How Does EA Work?Policy Authorization Time Intervals Policy Authorization Lifecycle Building the Entity's Policy Digest Creating the Entity to Use the Policy Digest Starting the Real Policy Session Sending Policy Commands to Fulfill the Policy Performing the Action That Requires Authorization Combined Authorization Lifecycle Summary Extended Authorization (EA) Policies Policies and Passwords Why Extended Authorization?Multiple Varieties of Authentication Multifactor Authentication How Extended Authorization Works Creating Policies Simple Assertion Policies Passwords (Plaintext and HMAC) of the Object Passwords of a Different Object Digital Signatures (such as Smart Cards)PCRs: State of the Machine Locality of Command Internal State of the TPM (Boot Counter and Timers)Internal Value of an NV RAM Location State of the External Device (GPS, Fingerprint Reader, and So On)Flexible (Wild Card) Policy Command-Based Assertions Multifactor Authentication Example 1: Smart card and Password Example 2: A Policy for a Key Used Only for Signing with a Password Example 3: A PC state, a Password, and a Fingerprint Example 4: A Policy Good for One Boot Cycle Example 5: A Policy for Flexible PCRs Example 6: A Policy for Group Admission Example 7: A Policy for NV RAM between 1 and 100 Compound Policies: Using Logical OR in a Policy Making a Compound Policy Example: A Policy for Work or Home Computers Considerations in Creating Policies End User Role Administrator Role Understudy Role Office Role Home Role Using a Policy to Authorize a Command Starting the Policy Satisfying a Policy Simple Assertions and Multifactor Assertions If the Policy Is Compound If the Policy Is Flexible (Uses a Wild Card)Satisfying the Approved Policy Transforming the Approved Policy in the Flexible Policy Certified Policies Summary Key Management Key Generation Key Trees: Keeping Keys in a Tree with the Same Algorithm Set Duplication Key Distribution Key Activation Key Destruction Putting It All Together Example 1: Simple Key Management Example 2: An Enterprise IT Organization with Windows TPM 2.0 Enabled Systems Summary Auditing TPM Commands Why Audit Audit Commands Audit Types Command Audit Session Audit Audit Log Audit Data Exclusive Audit Summary Decrypt/Encrypt Sessions What Do Encrypt/Decrypt Sessions Do?Practical Use Cases Decrypt/Encrypt Limitations Decrypt/Encrypt Setup Pseudocode Flow Sample Code Summary Context Management TAB and the Resource Manager: A High-Level Description TAB Resource Manager Resource Manager Operations Management of Objects, Sessions, and Sequences TPM Context-Management Features TPM Internal Slots Special Error Codes TPM Context-Management Commands Special Rules Related to Power and Shutdown Events State Diagrams Summary Startup, Shutdown, and Provisioning Startup and Shutdown Startup Initialization Provisioning TPM Manufacturer Provisioning Platform OEM Provisioning End User Provisioning Deprovisioning Summary Debugging Low-Level Application Debugging The Problem Analyze the Error Code Debug Trace Analysis More Complex Errors Last Resort Common Bugs Debugging High-level Applications Debug Process Typical Bugs Authorization Disabled Function Missing Objects Wrong Type Bad Size Policy Summary Solving Bigger Problems with the TPM 2.0 Remote Provisioning of PCs with IDevIDs Using the EK Technique 1 Technique 2 Technique 3 Data Backups Separation of Privilege Securing a Server's Logon Locking Firmware in an Embedded System, but Allowing for Upgrades Summary Platform Security Technologies That Use TPM 2.0 The Three Technologies Some Terms Intel® Trusted Execution Technology (Intel® TXT)High-Level Description Intel TXT Platform Components Intel TXT Boot Sequence How TPM 2.0 Devices Are Used NV Indices PCRs Conclusion: Intel TXT ARM® TrustZone®High-Level Description TrustZone Is an Architectural Feature Protection Target System-Wide Security Implementation of TrustZone The NS bit The Monitor World Switching Interrupts Relationship to TPMs AMD Secure Technology™Hardware Validated Boot TPM on an AMD Platform SKINIT Summary