On Tuesday, December 10, 2019 12:05:52 PM MST Przemek Klosowski via devel
wrote:
> On 12/10/19 1:04 PM, Kevin Kofler wrote:
> > Przemek Klosowski via devel wrote:
> >
> >> 3) Multiple keys allow creating backup keys, preventing the data loss
> >> scenario Kevin is worried about. Of course this assumes that the UX for
> >> creating backup keys exists, and that people actually do that---but it's
> >> possible in principle.
> >
> > The backup key is useless in that scenario if you cannot export it to
> > another TPM, and isn't preventing such an export the whole point of the
> > TPM technology?
> Of course, the primary private key cannot be extracted from the original
> TPM. The easiest key recovery scheme would have two encrypted copies of
> the media encryption keys, one encrypted with the TPM-secured key and
> another encrypted with the backup/recovery key that you keep in a
> separate 'enterprise' key backup system. Here's one paper describing TPM
> key backup/recovery:
> https://www.infineon.com/dgdl/Infineon-TPM_Key_Backup_and_Recovery-AP-v01_00-EN.pdf?fileId=db3a304412b407950112b41656d7203a
To clarify a bit, the most common method of extracting a key from a TPM has
been to simply desolder the TPM from the system and solder it onto another
system. This works with the popular implementations.
--
John M. Harris, Jr.
Splentity
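The recovery scheme Przemek describes above (one media key, two independently wrapped copies: one under the TPM-resident key, one under an escrowed recovery key) can be modelled in a few lines. The following is an added example, not code from the thread, from Fedora, or from the Infineon paper; it uses AES-256-GCM key wrapping from the Go standard library, and both the "TPM" key and the recovery key are constructed stand-ins held in ordinary memory, since a real TPM would keep its key non-exportable and the recovery key would live in a separate backup system. The names `WrapDEK`, `UnwrapDEK`, `NewKeySlots` and `RecoverDEK` are this example's own.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// WrappedKey is one encrypted copy of the media (data) encryption key:
// an AES-GCM nonce plus the ciphertext with its authentication tag.
type WrappedKey struct {
	Nonce      []byte
	Ciphertext []byte
}

// KeySlots holds the two independently wrapped copies of the same DEK.
// TPM is the copy wrapped by the TPM-resident key; Recovery is the copy
// wrapped by the key kept in the separate enterprise backup system.
type KeySlots struct {
	TPM      WrappedKey
	Recovery WrappedKey
}

func newGCM(kek []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(kek) // kek must be 16, 24 or 32 bytes
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// WrapDEK encrypts dek under kek. The slot label is bound as associated
// data, so a blob wrapped for one slot fails to unwrap if presented as the other.
func WrapDEK(kek, dek []byte, label string) (WrappedKey, error) {
	gcm, err := newGCM(kek)
	if err != nil {
		return WrappedKey{}, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return WrappedKey{}, err
	}
	return WrappedKey{Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, dek, []byte(label))}, nil
}

// UnwrapDEK reverses WrapDEK. A wrong kek or label yields an error rather
// than a silently wrong DEK, because GCM authenticates the whole blob.
func UnwrapDEK(kek []byte, w WrappedKey, label string) ([]byte, error) {
	gcm, err := newGCM(kek)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, w.Nonce, w.Ciphertext, []byte(label))
}

// NewKeySlots generates a fresh 256-bit DEK and wraps it once per slot.
func NewKeySlots(tpmKEK, recoveryKEK []byte) ([]byte, KeySlots, error) {
	dek := make([]byte, 32)
	if _, err := rand.Read(dek); err != nil {
		return nil, KeySlots{}, err
	}
	tpmCopy, err := WrapDEK(tpmKEK, dek, "tpm")
	if err != nil {
		return nil, KeySlots{}, err
	}
	recCopy, err := WrapDEK(recoveryKEK, dek, "recovery")
	if err != nil {
		return nil, KeySlots{}, err
	}
	return dek, KeySlots{TPM: tpmCopy, Recovery: recCopy}, nil
}

// RecoverDEK models the unlock path: use the TPM copy when the TPM key is
// available, otherwise fall back to the escrowed recovery copy (the case
// where the TPM or the whole board was replaced). A nil tpmKEK means the
// TPM key is unavailable.
func RecoverDEK(slots KeySlots, tpmKEK, recoveryKEK []byte) ([]byte, error) {
	if tpmKEK != nil {
		if dek, err := UnwrapDEK(tpmKEK, slots.TPM, "tpm"); err == nil {
			return dek, nil
		}
	}
	if recoveryKEK == nil {
		return nil, errors.New("no usable key: TPM copy failed and no recovery key supplied")
	}
	return UnwrapDEK(recoveryKEK, slots.Recovery, "recovery")
}

// randomKEK makes a constructed 256-bit key-encryption key for the demo.
func randomKEK() []byte {
	k := make([]byte, 32)
	if _, err := rand.Read(k); err != nil {
		panic(err)
	}
	return k
}

func main() {
	tpmKEK := randomKEK()      // constructed stand-in for the non-exportable TPM key
	recoveryKEK := randomKEK() // constructed stand-in for the escrowed recovery key
	dek, slots, err := NewKeySlots(tpmKEK, recoveryKEK)
	if err != nil {
		panic(err)
	}
	got, err := RecoverDEK(slots, nil, recoveryKEK) // TPM lost: recover from the backup copy
	fmt.Println("recovered via backup key:", err == nil && bytes.Equal(got, dek))
}
```

The point the thread turns on is visible in `RecoverDEK`: nothing about the TPM key is ever exported; the recovery copy is a second wrapping of the same DEK, so losing the TPM only costs you the TPM slot, and the value of the scheme rests entirely on how well the recovery key in the backup system is protected.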