Key Management with Trusted Platform Modules

The concept of Trusted Computing, which aims at making computing platforms more reliable, is based on a chip called the Trusted Platform Module (TPM). The TPM provides cryptographic functionality such as RSA encryption and secure key storage. The aim of the Master's project was to analyse and implement TPM-based pre-boot authentication for the disc encryption software Pointsec for PC. The system was analysed with respect to manageability and security. With regard to manageability, the findings were that two critical implementation factors will be interoperability and user transparency. Some TPM features are not standardized, which complicates the implementation of a general system. Recovery from password loss or hardware failure can be achieved with Remote help or TPM key backup. The security analysis focused on the software and hardware attack mitigation integrated into the TPM. The chip was found to be somewhat vulnerable to sophisticated laboratory-based attacks but fully comparable to smartcards.