Overcoming the potential downside of TCPA

[Jay Sulzberger]

On Thu, 15 Aug 2002, Anonymous wrote:

> [Repost]
>
> Joe Ashwood writes:
>
> > Actually that does nothing to stop it. Because of the construction of TCPA,
> > the private keys are registered _after_ the owner receives the computer,
> > this is the window of opportunity against that as well.
>
> Actually, this is not true for the endoresement key, PUBEK/PRIVEK, which
> is the "main" TPM key, the one which gets certified by the "TPM Entity".
> That key is generated only once on a TPM, before ownership, and must
> exist before anyone can take ownership.  For reference, see section 9.2,
> "The first call to TPM_CreateEndorsementKeyPair generates the endorsement
> key pair. After a successful completion of TPM_CreateEndorsementKeyPair
> all subsequent calls return TCPA_FAIL."  Also section 9.2.1 shows that
> no ownership proof is necessary for this step, which is because there is
> no owner at that time.  Then look at section 5.11.1, on taking ownership:
> "user must encrypt the values using the PUBEK."  So the PUBEK must exist
> before anyone can take ownership.
>
> > The worst case for
> > cost of this is to purchase an additional motherboard (IIRC Fry's has them
> > as low as $50), giving the ability to present a purchase. The
> > virtual-private key is then created, and registered using the credentials
> > borrowed from the second motherboard. Since TCPA doesn't allow for direct
> > remote queries against the hardware, the virtual system will actually have
> > first shot at the incoming data. That's the worst case.
>
> I don't quite follow what you are proposing here, but by the time you
> purchase a board with a TPM chip on it, it will have already generated
> its PUBEK and had it certified.  So you should not be able to transfer
> a credential of this type from one board to another one.

< ... />

But I think you claimed "No root key.".  Is this not a "root key"?

oo--JS.