Information Security: The Strength and Vulnerabilities of The Trusted Platform Module

962 Words 4 Pages
Progressive technological development has paved the way for the ever increasing addition of multiple disparate devices. Devices which have the capability to connect to each other over a network affording them the ability to communicate with ease. Unfortunately the improved proficiency for communication carries with it a negative impact on information security. This detriment comes through the increased possibility of data loss and vulnerability exploitation. In this paper, we will seek to define one such measure to ensure security; by utilizing the Trusted Platform Module (TPM). We will also explore the strengths and vulnerabilities of the Trusted Platform Module as well as attacks against the TPM both in terms of hardware and software. …show more content…
The Trusted Computing Group requirement states the Trusted Platform Module must provide for resistance from tampering. Every Trusted Platform Module chip contains a pair of RSA keys termed the Endorsement Key (EK). This RSA key pair is kept inside the chip and cannot be retrieved by software. The Storage Root Key is generated when users seize ownership of the system. This key pair is created by the Trusted Platform Module established by the Endorsement Key and an owner-defined password. Another key termed the Attestation Identity Key (AIK) guards the system against unapproved alterations to software or firmware. This is accomplished by hashing vital segments of firmware and software prior to being implemented. (Mason, 2005)

Logically, the TPM is organized into separate hardware and software elements. Each of one those elements have its own function. The Trusted Platform Module includes several operational mechanisms. The first is a cryptographic coprocessor which deals with digital signing, encryption, and hash computation. The need to validate the configuration of software in a secure manner brings us to second crucial component. (Winter & Dietich, 2012) The second noteworthy mechanism is identified as the Platform Configuration Register. There are at least sixteen Platform Configuration Registers contained within a Trusted Platform Module. These registers

Related Documents