TPM Analysis Notes (Part One) - History of TPM
The Trusted Platform Module (TPM) is a hardware module used to enhance computer security. TPM can be seen both as a set of specifications defining the requirements for secure crypto processors and as an implementation of these specifications in the form of TPM chips.
History of TPM
Why Choose TPM?
In the 1990s, as the internet expanded rapidly, the way personal computers were connected, and with it the need for security, changed dramatically. Early personal computer designs rarely considered security requirements, so the corresponding hardware and software support was missing. To address this, a group of computer engineers designed the first generation of TPM to give personal computers a hardware security foundation. The companies behind this work formed the Trusted Computing Platform Alliance (TCPA) in 1999, which was reorganized as the Trusted Computing Group (TCG) in 2003.
The initial purpose of TPM was to provide a hardware module for storing and managing cryptographic keys, so that neither the keys nor the data they protect can be extracted by software. Each TPM holds a primary "wrapping" key, the storage root key (SRK), which never leaves the chip; other keys are kept outside the TPM encrypted under it. A TPM can also seal keys or data to specific platform measurements: the sealed object records the expected Platform Configuration Register (PCR) values, and the TPM will only unseal it if the current PCR values match those present when it was sealed.
Development from TPM 1.1b to 1.2
TPM 1.1b
Released in 2003, TPM 1.1b included the following key features:
- Key Generation: Primarily for generating RSA keys.
- Key Storage: Securely storing generated keys.
- Secure Authorization: Controlling access to keys and other sensitive data.
- Device Security State Recording: Platform Configuration Registers (PCRs) accumulate hashes of the components measured during system boot. The PCRs record what ran, so that the boot state can be reported or used to gate access to sealed data; they do not by themselves stop anything from running.
Additionally, TPM 1.1b introduced Attestation Identity Keys (AIKs), pseudonymous signing keys intended to protect user privacy, and relied on a Privacy Certificate Authority (Privacy CA) to certify that an AIK was generated inside a genuine TPM (based on the TPM's Endorsement Key credential) without revealing which TPM it belongs to.
However, TPM 1.1b had some issues:
- Hardware Compatibility: the specification left room for vendor-specific behaviour, so chips from different manufacturers differed slightly and required different drivers.
- Lack of Dictionary Attack Protection: the specification did not require a lockout after repeated wrong authorization values, so an attacker with access to the TPM could guess the passwords protecting keys at full speed.
TPM 1.2
To address the shortcomings of TPM 1.1b, TPM 1.2 was released in 2005 with significant improvements:
- Dictionary Attack Prevention: a lockout mechanism that slows down or blocks further authorization attempts after repeated failures.
- Direct Anonymous Attestation (DAA): a second way to obtain anonymous attestation keys, using a cryptographic protocol (related to group signatures) that removes the need for a Privacy CA.
- Delegation: the TPM owner could delegate specific privileges, such as the use of a particular key or command, to other entities without revealing the owner authorization secret.
- Non-Volatile Memory (NVRAM): general-purpose non-volatile storage for certificates and other small objects, with access controlled by authorization values and PCR state, plus monotonic counters that can only be incremented.
TPM 1.2 also resolved problems with key migration by adding Certified Migratable Keys (CMKs): keys that can be moved to another TPM only with the approval of a designated third party (a migration authority). Moreover, TPM 1.2 stayed compatible with TPM 1.1b software by keeping the application-level programming interface unchanged.
From 2005 onwards, TPM 1.2 was deployed in most x86 personal computers, and from about 2008 it began appearing in servers as well, for example as the measurement root for Intel Trusted Execution Technology (TXT).
Evolution from TPM 1.2 to 2.0
Addressing Security Needs
Around 2005, cryptographic researchers published collision attacks on SHA-1. SHA-1 was hardcoded throughout TPM 1.2 (its PCRs are 20 bytes, the size of a SHA-1 digest), so the weakening of the algorithm called the whole design into question. TCG responded with the TPM 2.0 specification, which supports algorithms flexibly instead of committing to SHA-1.
Design Improvements in TPM 2.0
The design goals for TPM 2.0 included:
- Flexible Algorithm Support (algorithm agility): no hash, signature or encryption algorithm is hardcoded; commands and objects carry algorithm identifiers, so PCR banks, keys and signatures can use SHA-256 or other algorithms, and new ones can be added without changing the architecture.
- Combining Asymmetric and Symmetric Encryption: child objects are protected with symmetric encryption under a key derived from their parent, instead of wrapping every key with a slow asymmetric operation as TPM 1.2 did, which makes storing and loading keys far more efficient.
- Simplified Authentication and Authorization: a unified authorization model (passwords, HMAC sessions and policy sessions, known as Enhanced Authorization) and separate hierarchies (platform, storage/owner, endorsement) with their own authorization, so that firmware, the owner and privacy-sensitive attestation can be administered independently.
TPM 2.0 made significant architectural changes to adapt to future security needs. It also specifies a clock and counters whose state is periodically saved to non-volatile storage so that they do not roll backwards across a loss of power, which matters for policies that depend on time or on monotonic values.
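To make the mechanism behind the storage root key, PCR measurements and sealing concrete, and to show what algorithm agility actually changes, here is a small Python model added for these notes. It is not code from the TPM specification or from any TPM software stack: the "TPM" is a Python object, its SRK is a random in-memory secret, the sealed-blob layout and the sample boot images are constructed for the example, and the hash algorithm is a parameter so that sha1 stands for the fixed 160-bit PCRs of TPM 1.2 and sha256 for a TPM 2.0 PCR bank.

```python
import hashlib
import hmac
import os


class SimTPM:
    """Minimal model of a TPM's PCR bank plus SRK-protected sealing (illustration only)."""

    def __init__(self, hash_name="sha256", num_pcrs=24):
        self.hash_name = hash_name          # "sha1" ~ TPM 1.2, "sha256" ~ a TPM 2.0 bank
        self.digest_len = hashlib.new(hash_name).digest_size
        self.num_pcrs = num_pcrs
        self._srk = os.urandom(32)          # storage root key secret: never leaves the TPM
        self.power_on_reset()

    def power_on_reset(self):
        # PCRs start at all zeros and can only be extended, never written directly.
        self.pcrs = [bytes(self.digest_len)] * self.num_pcrs

    def _h(self, *parts):
        h = hashlib.new(self.hash_name)
        for p in parts:
            h.update(p)
        return h.digest()

    def extend(self, index, measurement):
        """PCR[i] <- H(PCR[i] || H(measurement)): append-only and order-sensitive."""
        self.pcrs[index] = self._h(self.pcrs[index], self._h(measurement))

    def pcr_digest(self, selection):
        """Digest over the selected PCRs (TPM 1.2 calls this the PCR composite)."""
        return self._h(*(self.pcrs[i] for i in sorted(selection)))

    def _keystream(self, key, length):
        # HMAC-SHA256 in counter mode as a PRF stream; a real TPM uses the spec's symmetric cipher.
        out = b""
        for ctr in range((length + 31) // 32):
            out += hmac.new(key, ctr.to_bytes(4, "big"), "sha256").digest()
        return out[:length]

    def seal(self, data, selection):
        """Encrypt data under the SRK and bind it to the current values of the selected PCRs."""
        expected = self.pcr_digest(selection)
        nonce = os.urandom(16)
        key = hmac.new(self._srk, b"seal" + expected + nonce, "sha256").digest()
        ct = bytes(a ^ b for a, b in zip(data, self._keystream(key, len(data))))
        tag = hmac.new(key, ct, "sha256").digest()
        return {"pcrs": tuple(sorted(selection)), "expected": expected,
                "nonce": nonce, "ct": ct, "tag": tag}

    def unseal(self, blob):
        """Release the data only if the PCRs match what was recorded at seal time."""
        if not hmac.compare_digest(self.pcr_digest(blob["pcrs"]), blob["expected"]):
            raise PermissionError("PCR mismatch: platform state differs from seal time")
        key = hmac.new(self._srk, b"seal" + blob["expected"] + blob["nonce"], "sha256").digest()
        if not hmac.compare_digest(hmac.new(key, blob["ct"], "sha256").digest(), blob["tag"]):
            raise ValueError("sealed blob has been tampered with")
        return bytes(a ^ b for a, b in zip(blob["ct"], self._keystream(key, len(blob["ct"]))))


# Constructed stand-ins for the firmware, boot loader and kernel images of a measured boot.
BOOT_CHAIN = [b"firmware-v1", b"bootloader-v3", b"kernel-6.1"]


def measured_boot(tpm, images, pcr=0):
    """Each stage is hashed into the PCR before control passes to it."""
    for image in images:
        tpm.extend(pcr, image)


def demo(hash_name="sha256"):
    tpm = SimTPM(hash_name)
    measured_boot(tpm, BOOT_CHAIN)
    blob = tpm.seal(b"disk-volume-key", selection=[0])
    sealed_ok = tpm.unseal(blob) == b"disk-volume-key"

    # A bootkit loaded later is measured too, so the PCR no longer matches.
    tpm.extend(0, b"bootkit")
    try:
        tpm.unseal(blob)
        denied = False
    except PermissionError:
        denied = True

    # Same TPM (same SRK) after a clean reboot: the PCR is a deterministic
    # function of the measurement sequence, so the blob unseals again.
    tpm.power_on_reset()
    measured_boot(tpm, BOOT_CHAIN)
    ok_after_reboot = tpm.unseal(blob) == b"disk-volume-key"

    # The same images measured in a different order give a different PCR value.
    other = SimTPM(hash_name)
    measured_boot(other, list(reversed(BOOT_CHAIN)))

    return {"sealed_ok": sealed_ok, "denied_after_bootkit": denied,
            "ok_after_clean_reboot": ok_after_reboot,
            "order_sensitive": other.pcrs[0] != tpm.pcrs[0],
            "pcr_bytes": tpm.digest_len}


if __name__ == "__main__":
    print(demo("sha1"))    # 20-byte PCRs, as in TPM 1.2
    print(demo("sha256"))  # 32-byte PCRs, as in a TPM 2.0 SHA-256 bank
```

Running it shows the three properties the text relies on: a value sealed after a clean boot unseals again after an identical boot, is refused once an extra component (here a constructed bootkit image) has been measured, and the same images measured in a different order yield a different PCR. Switching the hash algorithm changes only the PCR size and the digests, not the logic, which is exactly what TPM 2.0's algorithm identifiers make possible.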
Development of TPM 2.0 Specification
The TPM 2.0 specification took several years to develop, with numerous revisions by the TCG's working group. Members of the specification committee worked through the documents in detail, submitting many suggestions to improve consistency and readability.
In 2015, the TPM 2.0 specification was approved as an international standard, ISO/IEC 11889:2015 (see the next section).
TPM Standards
The TPM 2.0 specification, released by the Trusted Computing Group (TCG), was approved as an ISO/IEC international standard in 2015, becoming ISO/IEC 11889:2015, with backing from multiple national standards bodies. The standard combines hardware and software security techniques: TPM 2.0 protects cryptographic keys so that private keys cannot be extracted, shields PIN codes and other authorization values used for authentication (with dictionary-attack lockout), and records the software loaded during boot so that it can be reported to a verifier using privacy-preserving attestation keys.
Common Uses of TPM
- Storing and Managing Passwords: firmware can keep BIOS and hard disk password secrets in TPM-protected storage rather than in CMOS RAM. A password held only in CMOS can be cleared by removing the CMOS battery or pulling a jumper; one held in the TPM's non-volatile memory survives that and is released only with the proper authorization.
- Protecting Application Credentials: beyond the boot process and disk encryption, keys used for system and application logins can be generated and kept inside the TPM. The original notes give messaging clients such as MSN and QQ, online games and online banking as examples: if the service credential is a TPM-resident key, malware that compromises the operating system cannot copy the key off the machine, although it can still misuse the key while it controls the running system.
- Encrypting Hard Drive Partitions: disk encryption software (Microsoft BitLocker is the best-known example) seals the volume encryption key to the TPM, so a partition is decrypted only when the measured boot state matches. Some laptop manufacturers build one-key recovery features on the same mechanism.
- Supporting Measured Boot: firmware and boot loaders extend a hash of each component into the PCRs before running it, so any change to the boot chain is detectable (by a sealing policy or by remote attestation). This is measurement, not enforcement: UEFI Secure Boot, which refuses to execute unsigned code, is a separate mechanism whose state the TPM records but does not implement.
- Enhanced Virtualization Security: hypervisors can present a virtual TPM (vTPM) to each virtual machine, giving every VM its own PCRs, keys and sealed data, so the security configuration of one VM is independent of the others.
- Remote Attestation: the TPM signs a quote over selected PCR values and a verifier-supplied nonce with an attestation key, producing a report of the system's state that a remote party can check without trusting the host software.
Summary of Development
The TPM specifications have undergone two major revisions:
- TPM 1.1b to 1.2: Combined and enhanced existing features, adding new functions but also increasing complexity.
- TPM 2.0: Redesigned from the ground up, offering a more integrated and unified architecture to address SHA-1 weaknesses and provide flexible algorithm support.
TPM technology continues to evolve and is now a standard component of modern computers and network devices. Its wide adoption is due not only to the tamper-resistant hardware design but also to its integration with operating systems and software (disk encryption, measured boot, attestation), which together provide a root of trust for storing, transmitting and managing sensitive data.