Advanced TPM Security

The course will start with a brief overview of cryptographic principles, symmetric, asymmetric encryption, hash-based authentication, digital signatures, the public key architectures and the use of OpenSSL basic commands as the TPM programming will heavily build on these principles.

TPM chip features form a complex toolset in order to provide root of trust protection, measurement of integrity, secure storage and secure auditing and reporting. All these features are backed with key management, organized into special hierarchies. In order to provide a robust solution for measuring the integrity of software and build a secure boot loading procedure, the TPM chips use so-called Platform Counter Registers (PCR). Several exercises will help to understand the operation of the PCR based hash calculation mechanism. The secure and protected storage is solved by the TPM with the concept of non-volatile memory blocks addressed by NV indexes, which also have special forms, like NV Counters, Bit Fields and NV Extend Indexes. Besides these TPM specific concepts, the usual crypto primitives and how TPM supports their secure execution will also be discussed and demonstrated by hands-on exercises.

The more complex application of TPM based secure solutions will be demonstrated on a sample application framework that was developed for educational purposes. This demonstration application covers the topics of device identification, firmware integrity protection, secure boot loader, chain of trust verification remote attestation and encryption-based solutions. Within this application framework on one hand, we will be able to demonstrate the typical implementation mistakes, pitfalls of past incidents that led to exploitable security weaknesses and on the other hand provide hands-on exercises for the participants to implement their secure solutions based on TPM chip features.

The course is supplemented with real world case studies connected to the explained topics.