[tc-rg] Trusted Computing Use Case Document
Wenbo Mao
wenbo.mao at hp.com
Mon Jun 27 20:43:49 CDT 2005
Hi David,

TPM should be very reliable. My TPM has served me one year and never
failed. I posted the breakdown possibility as a matter of principle.
Since under TCG, a TPM is unique to a platform (uniquely identifies a
platform) and the integration cannot be undone by the platform owner, when
a platform stops serving, the TPM dies together with it.

In the scenario that concerns you (a TPM crashes in the middle of exporting a
certificate), I would imagine this is a benign problem since nothing has
really been done yet (in terms of loss of user's mission critical data).

Best regards,
Wenbo

David Chadwick wrote:
> Wenbo
>
> just how likely are TPMs to break down? Any idea? We are planning to
> use one to secure the keys for our secure audit web service. We do
> plan to export the private encryption key in PKCS#12 format to be on
> the safe side, but if a TPM crashed in the middle of writing an audit
> file, then we would not be able to validate that the file was intact
> on reboot.
>
> regards
>
> David
>
>
> Wenbo Mao wrote:
>
>> Andrew,
>>
>> Under the item "securing the issue of credentials," or maybe under
>> "helping users to secure their credentials," somewhere in the system
>> needs a backup server to work (maybe in a MyProxy position). This is
>> necessary in case the user's TPM breaks down. This means that a user
>> private key can be exported from a TPM to the backup server when the
>> key is generated.
>>
>> While a user's mission critical data can be recovered by working with
>> the backup server, an attested remote execution (e.g., for secure
>> multi-party computation, SMPC) should use a non-exportable key
>> (attestation identity key, AIK), therefore the existence of a backup
>> server can't damage SMPC.
>>
>> Just my few pence (or US cents in Chicago:-)
>> Wenbo
>>
>> Andrew Martin wrote:
>>
>>> Dear all,
>>>
>>> Thinking about the Trusted Computing use case document, I have come up
>>> with five headings under which to arrange use cases:
>>>
>>> * securing the issue of credentials
>>> CA ops etc..
>>>
>>> * helping users to secure their credentials
>>> long term
>>> short term (proxies etc..)
>>>
>>> * secure data storage
>>> data grid applications??
>>>
>>> * attested remote execution
>>> grid compute jobs/data centre processing
>>> public resource distributed computing
>>>
>>> * infrastructure management
>>> distributed firewalls, trusted gateways, etc..
>>>
>>> Have I missed any big areas? Do these overlap too much?
>>>
>>> Can you (especially those who promised at the BOF in Seoul!)
>>> contribute use cases under these headings (or otherwise)? Please
>>> come along on Wednesday and enter the discussion (or send me an
>>> email if you can't make it).
>>>
>>> Best regards
>>>
>>> Andrew
>>>
>>
>>
>
--
Dr Wenbo Mao
Principal Engineer Tel: +44 (0)117 312 9528
Hewlett-Packard Labs. Fax: +44 (0)117 312 9285
Filton Road, Bristol Email: wenbo.mao at hp.com
United Kingdom BS34 8QZ http://www.hpl.hp.com/personal/wm