----- Message from "Li, David" <LiD(a)cloudshield.com> on Thu, 8 Sep 2011 17:15:40 -0700 -----
[Trusted-computing] A Question on EK
We are supposed to trust the CA that issues the EK certificate. The
chain of trust from this point on allows creation of other keys for
signing and storage. But what if we are not sure if the CA for the
EK is 100% trustable given that the TPM vendor is not totally
trustable? Is there any way to trust all the latter key creations?
The spec says users can create their own EK and use their own CA to
certify it. Can this approach solve the above problem?

In my opinion, if you can't trust the TPM hardware (or software in a
virtual TPM), the game is over.

Some TPMs might allow external creation of an EK, but it's vendor
specific. Others may allow you to run a command and have the TPM
generate an EK.

However, you don't gain any security by putting a very strong key into
weak hardware.

Similarly, it doesn't help to certify a weak key with a strong CA.