Nomen Nescio <nobody@dizum.com> writes:

If a key is misused, i.e. "scraped" out of the TPM and used to create a virtualized, rule-breaking software TPM, it can be revoked. This means that all the TPMs that share that one key lose the use of that key. But it doesn't matter much, because they each have many more they can use. Since it is expected that only a small percentage of TPMs will ever need their keys revoked, most TPMs should always have plenty of keys to use.

I designed something along these lines some years ago as a way of building a fault-tolerant key management system. The idea is that you create a pile of keys, and these vote on key updates. If a key is compromised, you sign its replacement with a quorum of non-compromised keys, and replace the bad key. You also periodically roll over keys as a preventive measure, limiting exposure due to compromises. No need for a PKI or anything else complex like that, it's all automatic and transparent. There can be slight problems if a device stays offline long enough that enough keys have been rolled over to make reaching a quorum impossible, which was an issue when I designed the thing but rather unlikely now. I can dig up the exact details in case anyone's interested. Peter.