Security Basics mailing list archives

Re: Bulk encryption capabilities of a TPM


From: Alexander Klimov <alserkli () inbox ru>
Date: Sun, 7 May 2006 12:24:08 +0300 (IDT)

On Thu, 4 May 2006, Saqib Ali wrote:

> Maybe IBM's definition "bulk" is different than Atmel's. When I hear
> the word "bulk", it means several (100+) GB of data to me.

``Bulk'' may also mean just symmetric cryptography.

> One possible solution I forgot to mention in my email was that the
> ASIC possesses a symmetric key which is used for bulk
> encryption. Now the TPM has to only decrypt / encrypt this bulk
> encryption key instead of decrypting/encrypting the whole HDD.
>
> Same thing can be applied to a software based solution. But where
> does the software store this encrypted bulk encryption key????? You
> need persistent storage for this key. A software alone can not
> provide a safe place for this key.

As far as I can guess, it works as follows: ROM code hashes boot
sector and reports the result to the TPM, the boot sector hashes the
kernel, et cetera. Kernel reads a blob of data from disk (or USB, or
whatever) and asks TPM to decrypt the blob. The TPM uses its own key
for decryption of the blob, but TPM outputs the key only if the main
CPU's software hash matches the value stored in the blob.

So, if an attacker takes the disk and puts it in a different computer,
the TPM will not be able to decrypt the blob because that TPM has a
different key. (The same happens if your motherboard dies and you want
to recover your data :-).)

If an attacker loads another OS then the hashes (reported by ROM, boot
sector, etc.) will be different and so the TPM will not release the
key ... unless an attacker can change the ROM (which is usually flash)
so that it lies to the TPM about the hashes.

--
Regards,
ASK
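
A toy model of the sealing flow guessed at in the message above, added here as an example and not part of the original post or of any TPM vendor's code. `ToyTPM`, `boot`, `demo`, the blob layout and the sample stage contents are assumptions made for illustration; only the extend rule follows TPM 1.2.

```python
import hashlib, hmac, secrets

class ToyTPM:
    """Toy model: one PCR plus seal/unseal bound to it. Blob layout is made up."""
    def __init__(self):
        self._srk = secrets.token_bytes(32)  # per-chip secret, never leaves the chip
        self.pcr = bytes(20)                 # PCRs start at zero after reset

    def extend(self, digest):
        # TPM 1.2 extend: PCR_new = SHA1(PCR_old || digest); chip sees only reported digests
        self.pcr = hashlib.sha1(self.pcr + digest).digest()

    def _mac(self, body):
        return hmac.new(self._srk, body, hashlib.sha256).digest()

    def _pad(self, nonce, n):
        return hashlib.shake_256(b"enc" + self._srk + nonce).digest(n)

    def seal(self, secret, expected_pcr):
        nonce = secrets.token_bytes(16)
        ct = bytes(a ^ b for a, b in zip(secret, self._pad(nonce, len(secret))))
        body = nonce + expected_pcr + ct
        return body + self._mac(body)

    def unseal(self, blob):
        body, tag = blob[:-32], blob[-32:]
        if not hmac.compare_digest(tag, self._mac(body)):
            return None                      # sealed by a different chip, or altered
        nonce, expected_pcr, ct = body[:16], body[16:36], body[36:]
        if not hmac.compare_digest(expected_pcr, self.pcr):
            return None                      # measured boot chain differs
        return bytes(a ^ b for a, b in zip(ct, self._pad(nonce, len(ct))))

def boot(tpm, stages):
    tpm.pcr = bytes(20)                      # reset, then measure each stage in order
    for code in stages:
        tpm.extend(hashlib.sha1(code).digest())
    return tpm.pcr

def demo():
    good = [b"boot sector v1", b"kernel v1"]         # constructed sample stages
    tpm_a, tpm_b = ToyTPM(), ToyTPM()
    disk_key = secrets.token_bytes(32)               # the bulk encryption key
    blob = tpm_a.seal(disk_key, boot(tpm_a, good))   # blob is what sits on disk
    same_machine = tpm_a.unseal(blob) == disk_key
    boot(tpm_b, good)
    disk_moved = tpm_b.unseal(blob)                  # other chip, other key
    boot(tpm_a, [b"boot sector v1", b"another OS"])
    return same_machine, disk_moved, tpm_a.unseal(blob)
```

`demo()` returns `(True, None, None)`: the key is released on the original machine with the original boot chain, and withheld when the disk is moved to another chip or a different OS is measured.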

