Using TPM Secure Storage in Trusted High Availability Systems
Author
Editor
- Moti Yung
- Liehuang Zhu
- Yanjiang Yang
Summary, in English
We consider the problem of providing trusted computing
functionality in high availability systems. We consider the case where
data is required to be encrypted with a TPM protected key. For redundancy,
and to facilitate high availability, the same TPM key is stored in
multiple computational units, each one ready to take over if the main
unit breaks down. This requires the TPM key to be migratable. We show
how such systems can be realized using the secure storage of the TPM.
Hundreds of millions TPM 1.2 chips have been shipped but with the recent
introduction of TPM 2.0, more manufacturers are expected to start
shipping this newer TPM. Thus, a migration from TPM 1.2 to TPM 2.0
will likely be seen in the next few years. To address this issue, we also
provide an API that allows a smooth upgrade from TPM 1.2 to TPM
2.0 without having to redesign the communication protocol involving the
dierent entities. The API has been implemented for both TPM 1.2 and
TPM 2.0.
functionality in high availability systems. We consider the case where
data is required to be encrypted with a TPM protected key. For redundancy,
and to facilitate high availability, the same TPM key is stored in
multiple computational units, each one ready to take over if the main
unit breaks down. This requires the TPM key to be migratable. We show
how such systems can be realized using the secure storage of the TPM.
Hundreds of millions TPM 1.2 chips have been shipped but with the recent
introduction of TPM 2.0, more manufacturers are expected to start
shipping this newer TPM. Thus, a migration from TPM 1.2 to TPM 2.0
will likely be seen in the next few years. To address this issue, we also
provide an API that allows a smooth upgrade from TPM 1.2 to TPM
2.0 without having to redesign the communication protocol involving the
dierent entities. The API has been implemented for both TPM 1.2 and
TPM 2.0.
Department/s
Publishing year
2014
Language
English
Pages
243-258
Publication/Series
Lecture Notes in Computer Science
Volume
9473
Full text
- Available as PDF - 304 kB
- Download statistics
Document type
Conference paper
Publisher
Springer
Topic
- Electrical Engineering, Electronic Engineering, Information Engineering
Keywords
- Trusted Computing
- TPM
- Migration
- Certiable Migration Key
- Secure Storage
Conference name
INTRUST 2014
Conference date
2014-12-16 - 2014-12-17
Conference place
Beijing, China
Status
Published
Research group
- Crypto and Security
ISBN/ISSN/Other
- ISSN: 0302-9743
- ISBN: 978-3-319-27997-8
- ISBN: 978-3-319-27998-5