Title: On the provable security of TPM2.0 cryptography APIs

Authors: Xiaobo Chu; Dengguo Feng

Addresses: TCA Laboratory, Institute of Software, Chinese Academy of Science, Beijing, China ' TCA Laboratory, Institute of Software, Chinese Academy of Science, Beijing, China

Abstract: Trusted platform module (TPM), core of trusted computing technique, is one of the most prevalent security chips in the world. In 2013, Trusted Computing Group formally upgraded TPM specification to version 2.0, and introduced a comprehensive and powerful trusted computing technique architecture. However, the new specification is rather complex and thus error prone, which makes it necessary to evaluate TPM2.0's security. In this paper, we focus on cryptography subsystem of TPM2.0. We define the first computation model of TPM2.0 cryptography APIs, and prove their security in this strong model using game sequence and simulation. This proof provides high level confidence on security guarantee of TPM2.0 cryptography subsystem. We also carry out experiments on these APIs and compare them with previous version. The experiment shows that flexibility of TPM2.0 does not reduce its performance, meanwhile, real TPM2.0 product still needs to be improved.

Keywords: Trusted Computing Group; TCG; trusted platform module; TPM; TPM2.0; key management; cryptography; secure APIs; provable security; embedded system; API security; game sequence; simulation.

DOI: 10.1504/IJES.2015.072369

International Journal of Embedded Systems, 2015 Vol.7 No.3/4, pp.230 - 243

Received: 10 Jul 2014
Accepted: 24 Oct 2014

Published online: 11 Oct 2015 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article