0

I know that keys in a TPM key hierarchy are encrypted with their parent keys. But I read that those parent keys (for instance an asymmetric SRK) need to have some symmetric secret for said encryption. Is is mandatory to encrypt child keys with a symmetric key or can I use the asymmetric keys as well? And if I can only use the symmetric ones, how are they generated?

Sushiman
  • 55
  • 5
  • Asymmetric keys are used when different encryption and decryption keys are needed, this is not typically needed for encryption in a TPM. Private asymmetric keys are encrypted and generally with symmetric keys in a TPM. – zaph Dec 31 '18 at 14:28

1 Answers1

3

Because of the limited size of the possible payload of an RSA encryption, most systems use a hybrid approach. The details are usually hidden from the user: you never see the symmetric session key used in TLS or OpenPGP behind the scenes.

The TPM takes care of the symmetric key that is used to encrypt something using an asymmetric key.

When you ask the TPM to create an "RSA 2048" key, it creates a "RSA-2048 RSAES-PKCS1-v1_5 AES-128-CFB" key, and it uses the AES key in Cipher Feedback mode to encrypt stuff. You can control the details (e.g. use OAEP instead of bad old padding, use AES-256 instead of AES-128), but basically the TPM handles it - don't worry.

Pedantically, the asymmetric key stores the configuration of how to generate the symmetric key, not the symmetric key itself, but that doesn't matter. It is the same way it stores which padding scheme should be used and whether the key should be used for encryption, signing or both.

You can read about it in chapter "22.4 Symmetric Encryption" in "TCG TPM 2.0 Part 1: Architecture" from TCG TPM 2.0 publications, but it's not a fun read.

Z.T.
  • 7,768
  • 1
  • 20
  • 35