2

The title really says it all. I'm starting to dig a little bit into computer security and from what I've watched or from what I have read in books or articles there's always a mention of basic smart cards (e.g. Chapter 3, “Scenarios for Using TPM 1.2” from “A Practical Guide to TPM 2.0”).

I understand TPM is a chip with a given standardised specification. Vendors use these standards to create HW/SW combos to provide the security aspects the specification comes with. But smart cards were a thing long before that, weren't they? Are they something TPMs are based on? Is there a mere similarity between how those two things operate? Are they just a means of interacting with a computer with a TPM? I think I cannot see them in the basic scenario/use case I can only imagine TPMs are used in (in personal computers).

I'm sorry if I am not making any sense. I would also welcome a source on how to understand TPMs better - from scratch, what it really is, and actually understandable. I have a degree in CS but cannot wrap my head around this yet (the book titled “A Practical Guide to TPM 2.0” did not convince me). Thanks!

T. Maxx
  • 115
  • 1
  • 1
  • 5

1 Answer

2

Both smart cards and TPM are computing environments that can store cryptographic keys and perform cryptographic operations, and performing cryptographic operations involving keys that they store is their primary purpose.

If your operating system supports TPM, it will offer to store keys and passwords inside the TPM and to perform operations on those keys. The interface to do this is often considered a smart card interface because smart cards were the first commonplace type of device that could do this and there isn't a commonly accepted generic term for “computing environment with its own key storage that can perform operations involving these keys”. But see What are the differences between HSM and SE? about terminology.

The advantage of having the smart card or the TPM perform these cryptographic operations is that the keys are better protected than if they were stored on the PC. The isolation between the TPM/smart card and the main CPU makes it harder for a software vulnerability to expose the keys, and depending on the degree of physical isolation of the TPM, it may be resistant against physical attacks as well (for smart cards, resistance against physical attacks is part of the definition).

The first TPMs were physically separate chips soldered on the motherboard of a PC, next to the main processor and other chips. TPM chips often have a design that is similar to a smart card chip. Today a TPM may still be a separate chip, or may be a separate processor inside the same physical chip as the main CPU, or a logical environment inside the main chip, roughly in decreasing order of both security and cost. A TPM can also be a piece of software running in a hypervisor, serving as a TPM for a virtual machine.

A smart card is a removable device: you plug it into a computer (or pass it near a computer if it's contactless), and that computer can make requests to it. A TPM is attached to the motherboard of a PC (the virtual motherboard for a virtual PC environment in a virtual machine). Because the TPM is permanently attached to the computer, it can do things beyond storing keys for the user.

In particular, the TPM can read the computer's memory and the processor state. This is called “measuring” in TPM literature, and the output of the measurement is basically a cryptographic hash of the content of the relevant memory. It can produce an attestation of that state, which is a signature of the state made with a key that is only available inside the TPM. The computer where the TPM is running can send this attestation to a server to prove that it is running in a particular software configuration. This is used on secure networks to ensure that only authorized computers running authorized software can connect to the network. The TPM can also store a description of the expected states (the expected hash values) and authorize certain functions only if the computer is in an expected state, for example to disclose the hard disk encryption key only if the boot code is the pre-programmed boot code and not if the boot code has been modified.

Gilles 'SO- stop being evil'
  • 50,912
  • 13
  • 120
  • 179
  • Thank you @Gilles, this really had shed some light on the smart card issue I had. Would you be able to recommend some literature or a different source of information that goes into deeper details? I am trying to understand if the TPM environment is usable beyond what it is used for today. – T. Maxx Oct 06 '20 at 09:17
  • Most smart card software provides a [PKCS #11](http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html) interface. From a practical perspective, you can make the TPM look like a smart card to linux applications using [tpm2-pkcs11](https://github.com/tpm2-software/tpm2-pkcs11). – MemAllox Oct 21 '20 at 11:03
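The measure / attest / seal cycle that Gilles's answer describes can be followed in a small simulation. The following is an added example, not code from the question, the answer, or any TPM project: it models a PCR as a hash chain (each boot component is hashed, and the PCR is replaced by the hash of its old value concatenated with that digest, the TPM extend operation), produces a "quote" over the PCR with a key that never leaves the simulated TPM, and releases a sealed secret only when the current PCR equals the expected one. The component names, the attestation key, and the use of an HMAC in place of the asymmetric signature a real TPM would produce are all assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

# --- the simulated TPM's private state -----------------------------------
# Hypothetical attestation key: in a real TPM this is an asymmetric key that
# never leaves the chip and whose public half is known to the verifier.
_ATTESTATION_KEY = secrets.token_bytes(32)
_PCR_INITIAL = bytes(32)  # a SHA-256 PCR starts out as all zeroes


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM-style extend: PCR_new = SHA256(PCR_old || SHA256(measurement)).

    The PCR can only be extended, never set, so the final value depends on
    every component measured and on the order in which they were measured.
    """
    digest = hashlib.sha256(measurement).digest()
    return hashlib.sha256(pcr + digest).digest()


def measure_boot(components: list[bytes]) -> bytes:
    """Measure a sequence of boot components (firmware, bootloader, kernel...)
    into a single PCR, returning the final PCR value."""
    pcr = _PCR_INITIAL
    for component in components:
        pcr = pcr_extend(pcr, component)
    return pcr


def quote(pcr: bytes, nonce: bytes) -> bytes:
    """Attest the PCR value: a MAC over (PCR || nonce) with the TPM-resident key.
    The verifier's fresh nonce prevents an old quote from being replayed."""
    return hmac.new(_ATTESTATION_KEY, pcr + nonce, hashlib.sha256).digest()


def verify_quote(pcr: bytes, nonce: bytes, signature: bytes) -> bool:
    """Verifier side: recompute the quote and compare in constant time.
    (With an asymmetric attestation key the verifier would only need the
    public key; the shared-key HMAC here is a simplification.)"""
    expected = hmac.new(_ATTESTATION_KEY, pcr + nonce, hashlib.sha256).digest()
    return hmac.compare_digest(expected, signature)


def unseal(expected_pcr: bytes, current_pcr: bytes, sealed_secret: bytes):
    """Release a sealed secret (e.g. a disk encryption key) only if the
    machine is in the expected state; otherwise return None."""
    if hmac.compare_digest(expected_pcr, current_pcr):
        return sealed_secret
    return None


# --- constructed sample boot chains --------------------------------------
GOOD_BOOT = [b"firmware v1", b"bootloader v1", b"kernel v1"]
TAMPERED_BOOT = [b"firmware v1", b"bootloader v1 (modified)", b"kernel v1"]
REORDERED_BOOT = [b"bootloader v1", b"firmware v1", b"kernel v1"]


def demo() -> dict:
    """Run the full cycle and return the outcomes for inspection."""
    expected_pcr = measure_boot(GOOD_BOOT)  # recorded when the disk was sealed
    disk_key = b"constructed-disk-encryption-key"
    nonce = secrets.token_bytes(16)

    good_pcr = measure_boot(GOOD_BOOT)
    bad_pcr = measure_boot(TAMPERED_BOOT)

    return {
        "good_quote_ok": verify_quote(good_pcr, nonce, quote(good_pcr, nonce)),
        "replayed_quote_ok": verify_quote(good_pcr, secrets.token_bytes(16),
                                          quote(good_pcr, nonce)),
        "unseal_good": unseal(expected_pcr, good_pcr, disk_key),
        "unseal_tampered": unseal(expected_pcr, bad_pcr, disk_key),
        "order_matters": measure_boot(REORDERED_BOOT) != good_pcr,
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result!r}")
```

Two properties of the real mechanism carry over directly: a single changed byte in any measured component changes the final PCR, and measuring the same components in a different order also changes it, which is why a verifier can compare one hash against its list of approved states rather than inspecting the whole boot chain.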