[tc-rg] Trusted Computing Use Case Document
wenbo.mao at hp.com
Mon Jun 27 20:43:49 CDT 2005
TPM should be very reliable. My TPM has served me for one year and never
failed. I posted the breakdown possibility as a matter of principle.
Since under TCG, a TPM is unique to a platform (uniquely identifies a
platform) and the integration cannot be undone by the platform owner, when
a platform stops serving, the TPM dies together with it.

In the scenario you are concerned about (a TPM crashes in the middle of
exporting a certificate), I would imagine this is a benign problem since
nothing has really been done yet (in terms of loss of user's mission
critical data).

David Chadwick wrote:
> just how likely are TPMs to break down? Any idea? We are planning to
> use one to secure the keys for our secure audit web service. We do
> plan to export the private encryption key in PKCS#12 format to be on
> the safe side, but if a TPM crashed in the middle of writing an audit
> file, then we would not be able to validate that the file was intact
> on reboot.
> Wenbo Mao wrote:
>> Under the item "securing the issue of credentials," or maybe under
>> "helping users to secure their credentials," somewhere in the system
>> needs a backup server to work (maybe in a MyProxy position). This is
>> necessary in case the user's TPM breaks down. This means that a user
>> private key can be exported from a TPM to the backup server when the
>> key is generated.
>> While a user's mission critical data can be recovered by working with
>> the backup server, an attested remote execution (e.g., for secure
>> multi-party computation, SMPC) should use a non-exportable key
>> (attestation identity key, AIK), therefore the existence of a backup
>> server can't damage SMPC.
>> Just my few pence (or US cents in Chicago:-)
>> Andrew Martin wrote:
>>> Dear all,
>>> Thinking about the Trusted Computing use case document, I have come up
>>> with five headings under which to arrange use cases:
>>> * securing the issue of credentials
>>>     CA ops etc..
>>> * helping users to secure their credentials
>>>     long term
>>>     short term (proxies etc..)
>>> * secure data storage
>>>     data grid applications??
>>> * attested remote execution
>>>     grid compute jobs/data centre processing
>>>     public resource distributed computing
>>> * infrastructure management
>>>     distributed firewalls, trusted gateways, etc..
>>> Have I missed any big areas? Do these overlap too much?
>>> Can you (especially those who promised at the BOF in Seoul!)
>>> contribute use cases under these headings (or otherwise)? Please
>>> come along on Wednesday and enter the discussion (or send me an
>>> email if you can't make it).
>>> Best regards
Dr Wenbo Mao
Principal Engineer Tel: +44 (0)117 312 9528
Hewlett-Packard Labs. Fax: +44 (0)117 312 9285
Filton Road, Bristol Email: wenbo.mao at hp.com
United Kingdom BS34 8QZ http://www.hpl.hp.com/personal/wm