[tc-rg] Trusted Computing Use Case Document

Wenbo Mao wenbo.mao at hp.com
Mon Jun 27 20:43:49 CDT 2005


Hi David,

TPM should be very reliable. My TPM has served me for one year and never
failed. I posted the breakdown possibility as a matter of principle.
Since under TCG, a TPM is unique to a platform (uniquely identifies a
platform) and the integration cannot be undone by the platform owner, when
a platform stops serving, the TPM dies together with it.

In the scenario that concerns you (a TPM crashes in the middle of exporting a
certificate), I would imagine this to be a benign problem since nothing has
really been done yet (in terms of loss of user's mission critical data).

Best regards,
Wenbo

David Chadwick wrote:

> Wenbo
>
> just how likely are TPMs to break down? Any idea? We are planning to 
> use one to secure the keys for our secure audit web service. We do 
> plan to export the private encryption key in PKCS#12 format to be on 
> the safe side, but if a TPM crashed in the middle of writing an audit 
> file, then we would not be able to validate that the file was intact 
> on reboot.
>
> regards
>
> David
>
>
> Wenbo Mao wrote:
>
>> Andrew,
>>
>> Under the item "securing the issue of credentials," or maybe under
>> "helping users to secure their credentials," somewhere in the system
>> needs a backup server to work (maybe in a MyProxy position). This is
>> necessary in case the user's TPM breaks down. This means that a user's
>> private key can be exported from a TPM to the backup server when the
>> key is generated.
>>
>> While a user's mission critical data can be recovered by working with
>> the backup server, an attested remote execution (e.g., for secure
>> multi-party computation, SMPC) should use a non-exportable key
>> (attestation identity key, AIK), therefore the existence of a backup
>> server can't damage SMPC.
>>
>> Just my few pence (or US cents in Chicago:-)
>> Wenbo
>>
>> Andrew Martin wrote:
>>
>>> Dear all,
>>>
>>> Thinking about the Trusted Computing use case document, I have come up
>>> with five headings under which to arrange use cases:
>>>
>>> * securing the issue of credentials
>>>    CA ops etc.
>>>
>>> * helping users to secure their credentials
>>>    long term
>>>    short term (proxies etc.)
>>>
>>> * secure data storage
>>>    data grid applications??
>>>
>>> * attested remote execution
>>>    grid compute jobs/data centre processing
>>>    public resource distributed computing
>>>
>>> * infrastructure management
>>>    distributed firewalls, trusted gateways, etc.
>>>
>>> Have I missed any big areas?  Do these overlap too much?
>>>
>>> Can you (especially those who promised at the BOF in Seoul!) 
>>> contribute use cases under these headings (or otherwise)?  Please 
>>> come along on Wednesday and enter the discussion (or send me an 
>>> email if you can't make it).
>>>
>>> Best regards
>>>
>>> Andrew
>>>
>>
>>
>


-- 
Dr Wenbo Mao
Principal Engineer         Tel:          +44 (0)117 312 9528
Hewlett-Packard Labs.      Fax:          +44 (0)117 312 9285
Filton Road, Bristol       Email:           wenbo.mao at hp.com
United Kingdom BS34 8QZ    http://www.hpl.hp.com/personal/wm





