1

I know that the TPM SRK is generated when the user takes TPM ownership, and it is encrypted by the EK public part. All the child keys under the SRK need to be loaded into the TPM and decrypted by the SRK before use. (This is what the books tell us.)

However, it seems that different manufacturers have different implementation designs for the EK and SRK. My question is: in practice, e.g. if the SRK will decrypt a loaded child key, does it really go through a decryption process by the EK private part first? You can also understand this question in another way: without any call/use, is the SRK stored in nonvolatile memory in encrypted form?

I ask this because I found that many real TPM products always have something different from what the books tell us. E.g. in some TPMs the EK is empty and the customer needs to generate the EK themselves before taking TPM ownership; the EK can be changed once in some TPM products; certificate generation uses the SRK instead of the EK public part, etc. (All the above examples happen on TPM 1.2. We do not discuss TPM 2.0 here.)

TJCLK

1 Answer

2

The SRK is not encrypted by the EK. Neither is required to be encrypted at all. Their security is based on their physical protection and the logic of the TPM itself - no API is provided to expose their private portion.

The fact that some TPMs require a special operation to create the EK after manufacturing is described in the spec. Please see page 15 or so of the Protection Profile PC Client Specific Trusted Platform Module TPM Family 1.2.

northox
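As an added illustration (not code from the question or the answer), here is a toy Python model of the TPM 1.2 storage hierarchy the answer describes: the SRK is generated at TPM_TakeOwnership and held inside the chip as-is rather than wrapped under the EK, child keys leave the chip only as blobs wrapped under the SRK, and no call returns a private part. The SHA-256 keystream and HMAC stand in for the real RSA-OAEP wrapping, and the class and method names are assumptions of this model.

```python
import hashlib
import hmac
import secrets


def _xor_stream(key, data):
    """Stand-in for the parent key's wrap operation (real TPM 1.2 uses RSA-OAEP)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


class ToyTPM:
    """Models the chip: EK and SRK never leave it; only wrapped child blobs do."""

    def __init__(self):
        self._ek = secrets.token_bytes(32)  # fixed at manufacture, never exported
        self._srk = None                    # absent until ownership is taken
        self._loaded = {}                   # handle -> unwrapped child private key

    def take_ownership(self):
        # TPM_TakeOwnership: the SRK is generated here and kept as-is inside
        # the chip; it is not wrapped under the EK (the answer's point).
        self._srk = secrets.token_bytes(32)

    def create_wrap_key(self):
        """TPM_CreateWrapKey: return (public part, private part wrapped under the SRK)."""
        priv = secrets.token_bytes(32)
        pub = hashlib.sha256(b"pub:" + priv).digest()
        body = _xor_stream(self._srk, priv)
        tag = hmac.new(self._srk, body, "sha256").digest()  # blob integrity
        return pub, body + tag

    def load_key(self, blob):
        """TPM_LoadKey: unwrap with the SRK; rejects foreign or tampered blobs."""
        body, tag = blob[:-32], blob[-32:]
        if not hmac.compare_digest(hmac.new(self._srk, body, "sha256").digest(), tag):
            raise ValueError("blob was not wrapped by this TPM's SRK")
        self._loaded[len(self._loaded) + 1] = _xor_stream(self._srk, body)
        return len(self._loaded)

    def sign(self, handle, msg):
        """Use a loaded key; the private part itself is never returned."""
        return hmac.new(self._loaded[handle], msg, "sha256").digest()
```

Loading the same blob into a second ToyTPM instance fails, which is the model's version of a wrapped key being usable only on the chip whose SRK wrapped it.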