We saw in a previous blog that persistent hierarchies (endorsement, platform and storage) of TPM have a seed of their own. These are the unique keys that are bound to a specific TPM and cannot be migrated outside of a TPM. Now let us look at the two categories of keys in a TPM: 1. This way keys remain secure in TPM even if the host system is infected with malware. You can then verify the signature with the corresponding public key.
Let’s say you need to generate a signature: you can indicate the private key you wish to use from the TPM to sign the message. You can never read out private keys, or in other words retrieve them as is from the TPM. A Trusted Platform Module (TPM) can securely store cryptographic keys that are specific to the host system and provide restricted access to the stored keys and secrets.
0 kommentar(er)
