What Is TPM? Manufacturing, Management and Maintenance Of TPM – POFTUT

What Is TPM? Manufacturing, Management and Maintenance Of TPM

by

Trusted Platform Module or TPM is an international standard for a secure cryptoprocessor.  This standard is developed by Trusted Computing Group and standardized by International Organizational Standardization (ISO) and International Electrotechnical Commission (IEC)  with number ISO/IEC 11889 in 2009.

Versions

TCG continues to revise the  TPM specification. Latest version is released at October 2014 with number 2.0

Manufacturing

TPM hardware is manufactured by different manufacturers. Important thing while buying and TPM is looking for its certificate. Trusted computing group certificates these manufactures. Certificated manufacturers and products can be found in the following link.

 

TPM Certified Products

Some of know certified manufacturers are;

  • STMicroelectronics
  • Infineon Technologies
  • Nuvoton Technologies

TPM Architecture

A TPM hardware generally consist of Cryptographic processor, Persisten memory and Versatile memory.

Cryptographic processor is used to;

  • Generate random numbers
  • Generate RSA keys
  • Generate SHA-1 hash
  • Encryption-Decryption signature operations

Persistent Memory is used to;

  • Store Endorsement Key (EK)
  • Root Key (SRK)

Versatile Memory is used to;

  • Store platform configuration registers
  • Store Attestation Identity Keys
  • Store other keys
TPM Architecture
TPM Architecture

Algorithm Support

For standard version 1.2 SHA-1 and RSA are required. AES is optional. Triple DES is banned.

For version 2 SHA-1 and SHA-256 are required for hash operations. RSA and AES algorithms are required for encryption operations.

Management

TPM can be used for various operating systems like Windows, Linux, etc . Windows operating systems starting from Windows server 2008 and Windows 7 provides TPM Management console and API  called TPM Base Services (TBS).

Windows TPM Management

In order to manage TPM with Windows operating systems the TPM should be initialized which can be started from run with the following command.

tpm.msc
Windows TPM Management
Windows TPM Management

In the actions pane click Initialize TPM and complete steps like password etc.

Linux TPM Management

Linux TPM devices are managed with tcsd tool. TPM device drivers are supported by Linux kernel natively so there is no need to install extra driver for standard TPM devices.

LEARN MORE  How To Specify Ssh Keys When Running Shell Command Like Git,Rsync

TPM service can be started an initialized with the following command as root.

$ tcsd -f

Leave a Comment