Questions tagged [trusted-computing]

Trusted Platform Module (TPM) and other protocols and components of trust in a computer or computer network

Trusted computing primarily refers to standards published by the Trusted Computing Group (TCG). TCG designs include the Trusted Platform Module (TPM), an add-on chip for PC-like systems that is meant to be tamper-resistant and to monitor the operation of the main processor. The TCG has also published designs that are not directly related to the TPM, such as the TNC protocol suite.

114 questions
7 votes, 3 answers

Trusted Platform Module, daughterboard vs onboard TPM?

In many cases where a Trusted Platform Module (TPM chip) is employed, it is soldered directly onto the motherboard. Ostensibly the motherboard manufacturer is then solely responsible for integrating the BIOS and TPM module, and the overall tamper…
user2122
7 votes, 2 answers

What really is the difference between a firmware TPM and a discrete one, and should it be trusted more?

What really is the difference between a physical TPM and any implementation of a fTPM? I get that both adhere to the same specification and in my mind should be the same thing, but then, I don't understand why there even are 5 or so different types…
T. Maxx
7 votes, 3 answers

Does any tablet support remote attestation?

Some PCs come with a TPM. One of the nifty capabilities of TPMs is the ability to perform remote attestation. Remote attestation allows your computer to tell a third computer what software your computer is currently running -- and this statement…
D.W.
7 votes, 3 answers

Can someone detect the URL an Android app uses?

I have an Android app that makes an HTTPS connection to a specific URL. Is there a way to keep this URL secret? I know that the IP address and the port number of that connection can be detected, but what about the exact host name and more importantly…
ilija139
7 votes, 2 answers

If smart hardware is evil can I still securely run software?

I was thinking. And I was searching the Internet. I want to check if there is more than I found. I considered asking on crypto.se. But the question might involve hardware and out of the box thinking. If I have a threat model where the…
6 votes, 1 answer

TPM bootstrap process

Assume that the file partition where the PC operating system and user data reside is sealed by a number of PCRs (Platform Configuration Registers) dedicated to BIOS measurements. What happens during the boot process if the BIOS is infected by a…
niklr
6 votes, 3 answers

How do I use a TPM to protect my BIOS/EFI from "remote" attacks

I have a work/gaming computer. The work side is an SSD with Linux and the game side is an SSD with Win7 (all security turned off, planning to get viruses and rewipe every LAN). Only one of the drives is physically plugged in at a time. So long as…
Mikey
5 votes, 2 answers

Loading code securely in the Trusted Execution Environment (ARM)

I am reading up on TEE in ARM. I am looking for pointers for the following questions: How does the TEE load code from the OS securely and guarantee that it's not malicious code? I am guessing the code is signed and the TEE can verify the signature.…
user220201
5 votes, 2 answers

How to use TPM to perform platform authentication?

I am currently looking at TPM (Trusted Platform Module) and wondering how TPM offers platform authentication. Suppose a legal host is deployed on the cloud. How do I use TPM to assure that the host I am connecting to is that very host, rather…
5 votes, 2 answers

Is it possible to share BitLocker decryption keys between multiple TPMs?

The TPM specification mentions that some keys are migratable, i.e. transferable to another TPM. Does this mean that it would be possible to share (transfer) a BitLocker decryption key between several TPMs, and thus be able to decrypt the same…
user1049697
5 votes, 3 answers

Is a cryptographically signing camera possible?

What kind of digital / cryptographic signing would make it possible to create a camera that cryptographically signs the photos it takes so that the images can be verified to have been taken with that specific camera? The motivation is that if the…
5 votes, 1 answer

Is TPM ownership required for secure boot or measured boot?

I know: Secure Boot - can use the TPM; Measured Boot - must use the TPM. Can anyone intimately familiar with these processes explain if any TPM owner-authorized commands are required or used in these processes? Background: I am using a TPM in an…
Wilbur Whateley
5 votes, 3 answers

Is there any mechanism available in Android platform for remote attestation?

I recently read about PC/Desktops which come with TPM chips which are used for remote attestation. So following are my questions: Does any Android smartphone come with a TPM chip? Is there any way for a service provider to check whether the user is…
aMa
4 votes, 1 answer

Practicality of outsourcing password hashing using enclaves

I've been pondering some potential cybersecurity applications for enclaves. One of them being the problem of password hashing. Some clients have enclave support, meaning part of their CPU can securely execute code in an encrypted and authenticated…
4 votes, 1 answer

What Trusted Execution Environment (TEE) solutions exist for mobile devices?

A trusted execution environment (TEE) provides a way for one to deploy tamper-proof programs on a device. The most prominent example of TEEs seems to be Intel SGX for PCs. What I wonder is whether there exists an equivalent solution for mobile devices.…
SpiderRico