TCPA not virtualizable during ownership change (Re: Overcoming the potential downside of TCPA)

Thu Aug 15 22:49:01 EDT 2002

I arrived at that decision over four years ago ... TCPA possibly didn't
decide on it until two years ago. In the assurance session in the TCPA
track at spring 2001 intel developer's conference I claimed my chip was
much more KISS, more secure, and could reasonably meet the TCPA
requirements at the time w/o additional modifications. One of the TCPA guys
in the audience grossed that I didn't have to contend with the committees
of hundreds helping me with my design.

There are actually significant similarities between my chip and the TPM
chips.

I'm doing key gen at very first, initial power-on/test of wafer off the
line (somewhere in dim past it was drilled into me that everytime something
has to be handled it increases the cost).

Also, because of extreme effort at KISS, the standard PP evaluation stuff
gets much simpler and easier because most (possibly 90 percent) of the
stuff is N/A or doesn't exist

early ref:
http://www.garlic.com/~lynn/aadsm2.htm#staw

or refs at (under subject aads chip strawman):
http://www.garlic.com/~lynn/index.html#aads

brand & other misc. stuff:
http://www.asuretee.com/

random evauation refs:
http://www.garlic.com/~lynn/aadsm12.htm#13 anybody seen (EAL5) semi-formal
specification for FIPS186-2/x9.62 ecdsa?
http://www.garlic.com/~lynn/2002j.html#86 formal fips186-2/x9.62 definition
for eal 5/6 evaluation

adam at cypherspace.org on 8/15/2002 6:44 pm wrote:

I think a number of the apparent conflicts go away if you carefully
track endorsement key pair vs endorsement certificate (signature on
endorsement key by hw manufacturer).  For example where it is said
that the endorsement _certificate_ could be inserted after ownership
has been established (not the endorsement key), so that apparent
conflict goes away.  (I originally thought this particular one was a
conflict also, until I noticed that.)  I see anonymous found the same
thing.

But anyway this extract from the CC PP makes clear the intention and
an ST based on this PP is what a given TPM will be evaluated based on:

http://niap.nist.gov/cc-scheme/PPentries/CCEVS-020016-PP-TPM1_9_4.pdf

p 20:
| The TSF shall restrict the ability to initialize or modify the TSF
| data: Endorsement Key Pair [...] to the TPM manufacturer or designee.

(if only they could have managed to say that in the spec).

Adam
--
http://www.cypherspace.org/adam/

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com