TPM
* Trusted Platform Module (TPM) is an international standard for a secure cryptoprocessor, which is a dedicated microprocessor designed to secure hardware by integrating cryptographic keys into devices.
* TPM's technical specification was written by a computer industry consortium called the Trusted Computing Group (TCG). The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) standardized the specification as ISO/IEC 11889 in 2009.
* TCG is a not-for-profit organization formed to develop, define and promote open, vendor-neutral, global industry standards, supportive of a hardware-based root of trust, for interoperable trusted computing platforms.
https://www.trustedcomputinggroup.org
| TPM 1.2 | TPM Library 2.0 | Microsemi SmartFusion2 | Comments |
|---|---|---|---|
| One SRK, EK | Multiple keys and algorithms per hierarchy | PUF key, KEK | |
| RNG | RNG | TRNG | Compliant with the NIST SP800-90, NIST SP800-22, and BSI AIS-31 standards |
| Key generation (RSA key generation) | Symmetric key generation, asymmetric key generation | Asymmetric key generation IP (?) | Needs confirmation |
| *** | *** | AES-128/256 service (ECB, OFB, CTR, CBC modes) | M2S: NIST FIPS PUB 197 |
| HMAC | HMAC | HMAC-SHA-256 service | M2S: FIPS 198 HMAC algorithm using SHA-256 |
| SHA-1, RSA | SHA-1, SHA-256, RSA | SHA-256, RSA IP | M2S: SHA-256 per NIST FIPS PUB 180-3; RSA can be implemented in logic or firmware (? need to confirm which one) |
| *** | Elliptic curve cryptography, P-256 | ECC hardware accelerator (P-384 curve) block | M2S: FIPS PUB 186-3 |
| PCR, locality, physical presence | Password, policy | Password, policy can be implemented by eNVM, firmware, logic | ? They can be implemented by IP |
| NVM: unstructured data | NVM: unstructured data, counter, bitmap, extend | 128 kbit eNVM | Anything can be implemented in the logic-based flash process |
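The TPM 2.0 column lists four NV index types (unstructured data, counter, bitmap, extend). The model below is an added example written for this page, not TPM or SmartFusion2 code: it reproduces only the update rule each index type enforces (write-anything, increment-only, set-bits-only, hash-chain), which is what makes counters useful against rollback and extend indices useful as tamper-evident logs. The `TPM_RC_ATTRIBUTES` name in the error messages is used loosely for any rejected operation.

```python
import hashlib

U64_MASK = (1 << 64) - 1


def zero_digest(name_alg):
    """Initial contents of an extend index: all zeros of the nameAlg digest size."""
    return b"\x00" * hashlib.new(name_alg).digest_size


class NvIndex:
    """Constructed model of a TPM 2.0 NV index; only the type-specific update rules."""

    def __init__(self, kind, name_alg="sha256"):
        if kind not in ("ordinary", "counter", "bitmap", "extend"):
            raise ValueError("unknown NV index type: %s" % kind)
        self.kind, self.name_alg = kind, name_alg
        # Counters and bitmaps are 64-bit integers; ordinary indices hold bytes.
        self.value = zero_digest(name_alg) if kind == "extend" else (b"" if kind == "ordinary" else 0)

    def _require(self, kind, op):
        if self.kind != kind:
            raise PermissionError("TPM_RC_ATTRIBUTES: %s not allowed on a %s index" % (op, self.kind))

    def write(self, data):
        # TPM2_NV_Write: arbitrary data, but only on an ordinary (unstructured) index.
        self._require("ordinary", "NV_Write")
        self.value = bytes(data)
        return self.value

    def increment(self):
        # TPM2_NV_Increment: the only way to change a counter, and it only goes up.
        self._require("counter", "NV_Increment")
        self.value = (self.value + 1) & U64_MASK
        return self.value

    def set_bits(self, mask):
        # TPM2_NV_SetBits: bits can be set but never cleared (a mask of 0 is a no-op).
        self._require("bitmap", "NV_SetBits")
        self.value |= mask & U64_MASK
        return self.value

    def extend(self, data):
        # TPM2_NV_Extend: value = H(old || data), the same chaining rule as PCR extend.
        self._require("extend", "NV_Extend")
        self.value = hashlib.new(self.name_alg, self.value + bytes(data)).digest()
        return self.value


def replay_extend(events, name_alg="sha256"):
    """Recompute the value an extend index must hold after the given event sequence."""
    acc = zero_digest(name_alg)
    for e in events:
        acc = hashlib.new(name_alg, acc + bytes(e)).digest()
    return acc
```

A verifier compares the index contents read from the device with `replay_extend` over the claimed event log; any reordered, dropped or altered event changes the final digest.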