L12-TCPA-PALLADIUM Datasheet, PDF (4/12 Pages) List of Unclassifed Manufacturers – TCPA and Palladium
4 The TCPA Feature Set
• Platform Authentication
• Integrity Reporting
• Protected Storage
Platform Authentication
TCPA provides for the TPM to have control over multiple pseudonymous attestation identities. TPM
attestation identities do not contain any owner or user related information. A platform identity
attests to platform properties. No single TPM identity is ever used to digitally sign data; this
provides privacy protection. Each TPM identity requires a certification attesting that it
identifies a genuine TCPA platform. The TPM identity creation protocol allows for the choice of
different Certification Authorities (Privacy-CA) to certify each TPM identity to prevent correlation
of the TPMs.
Integrity Reporting
To trust that the TPM is a genuine TPM on a genuine trusted platform, the measurements reported
to the TPM during (and after) the boot process cannot be removed or deleted until reboot. Adding
each step in the boot process to the TPM hash vector ensures that no hidden code can execute on
a platform. The TPM will use an attestation identity to sign the integrity report. The recipient
of integrity information can evaluate the trustworthiness of the information based on the certificate of
this attestation identity.
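The hash-vector behaviour described above, as an added example that is not part of the original document: it assumes the extend operation has the form new = SHA1(old || measurement), as in TCPA-era TPMs. The function names, the sample boot chain and the known-good table are constructed for illustration, and checking the attestation identity's signature over the report is left out.

```python
import hashlib

PCR_SIZE = 20  # SHA-1 digest length (assumed TCPA-era register size)


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """Extend: new PCR = SHA1(old PCR || measurement). There is no 'set' operation."""
    return hashlib.sha1(pcr + measurement).digest()


def measure_boot(components):
    """Platform side: hash each stage before it runs, log it, extend the register."""
    pcr, log = bytes(PCR_SIZE), []  # register is all zeros after reboot
    for name, code in components:
        digest = hashlib.sha1(code).digest()
        log.append((name, digest))
        pcr = extend(pcr, digest)
    return pcr, log


def verify_report(reported_pcr, log, known_good):
    """Verifier side: replay the log, then check each digest against policy.

    Returns (ok, reason). The signature by the attestation identity over
    reported_pcr is assumed to have been verified already (not shown).
    """
    pcr = bytes(PCR_SIZE)
    for _, digest in log:
        pcr = extend(pcr, digest)
    if pcr != reported_pcr:
        return False, "log does not reproduce the reported PCR"
    for name, digest in log:
        if known_good.get(name) != digest:
            return False, f"unexpected measurement for {name}"
    return True, "ok"


# Constructed sample boot chain (names and contents are illustrative only).
GOOD_CHAIN = [("bios", b"bios v1"), ("loader", b"loader v1"), ("kernel", b"kernel v1")]
KNOWN_GOOD = {n: hashlib.sha1(c).digest() for n, c in GOOD_CHAIN}

if __name__ == "__main__":
    pcr, log = measure_boot(GOOD_CHAIN)
    print(verify_report(pcr, log, KNOWN_GOOD))
    # A changed loader is measured before it runs, so it appears in the log.
    bad_pcr, bad_log = measure_boot([GOOD_CHAIN[0], ("loader", b"patched"), GOOD_CHAIN[2]])
    print(verify_report(bad_pcr, bad_log, KNOWN_GOOD))
    # Dropping that entry from the log fails too: the replay no longer matches.
    print(verify_report(bad_pcr, [bad_log[0], bad_log[2]], KNOWN_GOOD))
```

Because each value is folded into the previous one, a measurement can only be added, never removed or reordered, until the register resets at reboot.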
Protected Storage
The TCPA allows for protected storage, but no generic encryption device is required. Cryptographic
keys can be created that are protected by the TPM. Data can be encrypted using the TPM and can
only be decrypted using this same TPM. Additionally, the root TPM key can be used to create a
hierarchy of sealed keys, of which only the root key lives in the TPM while others live (encrypted)
on the hard drive. This allows the user to build new keys from the original TPM key and ensures
that the TPM public key is not released. Keys in this hierarchy-space can be migratable, or not,
depending on how they are created by the software/OS or by the manufacturer.
Privacy-Positive Design
The ultimate TPM functionality control goes to the owner (i.e. platform administrator). TPM
activation is controlled by the owner, while TPM deactivation is available to the individual users.
Additionally, to ensure privacy, no single TPM identity is ever used to digitally sign data and multiple
pseudonymous IDs are allowed, which limits correlation. Remote control of the TPM is enabled by