0

It's written that the TPM never allows these private keys to be exported outside the chip. This means that the only way to sign something with one of those keys is to use the computer to send a request to the TPM. Now when it comes to remote attestation for authentification,the trusted third party must know the private key of TPM to decrypt its data , isn't the secret key of TPM revealed outside the chip? thanks

  • Why would a trusted third party need to know the private key? – forest Jun 14 '18 at 10:35
  • @forest to decrypt the data sent by the Tpm no? –  Jun 14 '18 at 10:43
  • 1
    That's not how remote attestation works. No data is sent from the TPM to a remote host that can only be decrypted with the TPM's private key. – forest Jun 14 '18 at 10:45
  • does it mean a remote host needs always just the public key to decrypt data? –  Jun 14 '18 at 11:04
  • The remote host won't be decrypting any data like that. In remote attestation he will just verify a signature and if you need to send data securely, you use the TPM of the receiving computer, not the sending one. – Peter Harmann Jun 14 '18 at 11:16
  • @PeterHarmann the way I understand it is this: you have a “secret” key on the TPM and on the remote server somewhere (the one challenging the system with the TPM.) The goal is for the remote server to verify that the TPM has the same key as the server, without actually sending that key over the wire. –  Jun 14 '18 at 11:29
  • 1
    Remote attestation verifies that the remote server is in the state expected (presumably the expected state is uncompromised). The appraiser does not need to hold any secret data. – forest Jun 14 '18 at 11:37
  • @forest what do we really mean by "TPM never allows these private keys to be exported outside the chip" then? –  Jun 14 '18 at 12:10
  • It means just that. The private key can be _used_ by the TPM on behalf of the operating system (just like with HSMs, the OS can say "do this operation with the private key"), but it cannot be _exported_. – forest Jun 14 '18 at 12:53
  • You might want to read http://web.cs.wpi.edu/~guttman/pubs/good_attest.pdf – forest Jun 15 '18 at 21:05

0 Answers0