Chinaunix首页 | 论坛 | 博客
  • 博客访问: 1249227
  • 博文数量: 298
  • 博客积分: 10050
  • 博客等级: 上将
  • 技术积分: 3277
  • 用 户 组: 普通用户
  • 注册时间: 2007-03-14 13:36
文章分类
文章存档

2015年(7)

2012年(1)

2010年(5)

2009年(55)

2008年(73)

2007年(160)

我的朋友

分类:

2007-08-16 12:46:42

正在看TCG的规范,为了方便,把一部分翻译出来,也是为了以后便于理解和查找!
 
4. TPM Architecture
4.1 Interoperability
Start of informative comment
The TPM must support a minimum set of algorithms and operations to meet TCG specifications.
Algorithms
RSA, SHA-1, HMAC
The algorithms and protocols are the minimum that the TPM must support. Additional algorithms and protocols may be available to the TPM. All algorithms and protocols available in the TPM must be included in the TPM and platform credential.
The reason to specify these algorithms is two fold. The first is to know and understand the security properties of selected algorithms; identify appropriate key sizes and ensure appropriate use in protocols. The second reason is to define a base level of algorithms for interoperability.
End of informative comment
4 TPM架构
  4.1 互操作性
   TPM必须支持最低限度的算法和操作来符合TCG的规范
    算法:有RSA, SHA-1, HMAC
    这几个算法是TPM必须支持的最小值,另外的算法和协议对TPM也可以使用。在TPM中所有可利用算法和协议,必须包括在TPM 和平台证书里面。
    指定这些算法的原因从两方面来说,首先是认识和理解选择算法的安全特性, 确定正确的秘钥大小,确保协议的适当使用,第二个原因是定义一个可互操作的基准算法。 
 
TPM: 可信赖平台模块
TCG:可信赖计算集团 
 
4.2.1	Input and Output
Start of informative comment
The I/O component, Figure 4:a C0, manages information flow over the communications bus. It performs protocol encoding/decoding suitable for communication over external and internal buses. It routes messages to appropriate components. The I/O component enforces access policies associated with the Opt-In component as well as other TPM functions requiring access control.
The main specification does not require a specific I/O bus. Issues around a particular I/O bus are the purview of a platform specific specification.
End of informative comment
4.2.1 输入和输出
评论内容开始
I/O部件,图4:a CO,管理信息流出到通信总线上。他执行适合内部和外部通信上的协议编解码,他传递信息到适当的部件。I/O部件执行选择部件的存取控制策略和TPM功能要求的存取控制策略。
主要的规范不要求详细的I/O总线,讨论详细的I/O总线是平台特定规范的范围.
评论内容结束 
 
4.2.2	Cryptographic Co-Processor
1. The TPM MAY implement other asymmetric algorithms such as DSA or elliptic curve. 
a.	These algorithms may be in use for wrapping, signatures and other operations. There is no guarantee that these keys can migrate to other TPM devices or that other TPM devices will accept signatures from these additional algorithms.
2.	All Storage keys MUST be of strength equivalent to a 2048 bits RSA key or greater. The TPM SHALL NOT load a Storage key whose strength less than that of a 2048 bits RSA key.
3.	All AIK MUST be of strength equivalent to a 2048 bits RSA key, or greater.
4.2.2加密协处理器
1, TPM可能执行其他的非对称算法,例如DSA或椭圆曲线	
     a,这些算法可能用来包装,签名和其他操作,这并不保证这些秘钥可以移植到其他TPM设备或其他接受这些额外算法签名的TPM设备。
2,所有存贮的秘钥必须大于或等于2048位的RSA秘钥。TPM不应当加载小于2048位的RSA秘钥。
3,所有的AIK必须同2048位RSA秘钥同样强大,或更大。
AIK(证明身份秘钥)
 
4.2.2.1	RSA Engine
1.	The TPM MUST support RSA.
2.	The TPM MUST use the RSA algorithm for encryption and digital signatures.
3.	The TPM MUST support key sizes of 512, 768, 1024, and 2048 bits. The TPM MAY support other key sizes. 
a.	The minimum RECOMMENDED key size is 2048 bits.
4.	The RSA public exponent MUST be e, where e = 216+1.
5.	TPM devices that use CRT as the RSA implementation MUST provide protection and detection of failures during the CRT process to avoid attacks on the private key.


4.2.2.1 RSA引擎
1, TPM必须支持RSA
2, TPM必须使用RSA算法来加密和数字签名。
3, TPM必须支持512,768,1024和2048位的密钥大小。TPM可以支持其他密钥容量。
   a, 推荐的秘钥最小是2048位。
4,RSA 公开方次数必须是e, e = 216+1 。
5, 使用CRT作为RSA实现的TPM设备必须提供保护和失败探测,避免在CRT处理过程中私钥被攻击。
10.	Physical Presence 
Start of informative comment
This specification describes commands that require physical presence at the platform before 

the command will operate. Physical presence implies direct interaction by a person – i.e. 

Operator with the platform / TPM.
The type of controls that imply special privilege include:
 0  Clearing an existing Owner from the TPM,
 0  Temporarily deactivating a TPM, 
 0  Temporarily disabling a TPM. 
Physical presence implies a level of control and authorization to perform basic 
administrative tasks and to bootstrap management and access control mechanisms.



Protection of low-level administrative interfaces can be provided by physical and electrical 
methods; or by software; or a combination of both. The guiding principle for designers is 
the protection mechanism should be difficult or impossible to spoof by rogue software. 
Designers should take advantage of restricted states inherent in platform operation. For 
example, in a PC, software executed during the power-on self-test (POST) cannot be disturbed 
without physical access to the platform. Alternatively, a hardware switch indicating 
physical presence is very difficult to circumvent by rogue software or remote attackers.
TPM and platform manufacturers will determine the actual implementation approach. The 
strength of the protection mechanisms is determined by an evaluation of the platform.
Physical presence indication is implemented as a flag in volatile memory known as the 
PhysicalPresenceV flag. When physical presence is established (TRUE) several TPM commands 
are able to function. They include:
TPM_PhysicalEnable,
TPM_PhysicalDisable,
TPM_PhysicalSetDeactivated,
TPM_ForceClear,
TPM_SetOwnerInstall,
10 物理存在
这个规范描述了命令在平台操作前要求物理存在。物理存在意味着个人直接相互作用,也就是说操作者是

平台TPM.
这种类型的控制意味着专门的特权包括:
 0 从TPM中清除现有的所有者
 0 暂时使TPM无效。(deactivating)
 0 暂时使TPM无能力(disabling)
物理存在意味着一个控制和授权级别来执行基本的管理任务和引导管理及存取控制机制。
低级别管理接口的保护可以通过提供物理和电子方法,或者软件,或者两者组合。对设计者的指导原则是
保护机制应当非常难或不可能被恶意软件欺诈。设计者应当利用平台操作内部受限的状态。例如,在PC中
,软件在开机自检时不能被没有物理存取平台所打扰。可选的是,硬件开关指示物理存在非常难被恶意软
件和远程攻击者欺骗。TPM和平台制造者确定实际的实现方法。保护机制的强度决定了平台的评价。物理
存在指示实现作为一个PhysicalPresenceV标记在易失性存储器上。当物理存在确定为TRUE,几个TPM命令
可以执行,它们包括:
TPM_PhysicalEnable,
TPM_PhysicalDisable,
TPM_PhysicalSetDeactivated,
TPM_ForceClear,
TPM_SetOwnerI 
 
24.	Initialization Operations 
Start of informative comment
Initialization is the process where the TPM establishes an operating environment from a no power state. Initialization occurs in many different flavors with PCR, keys, handles, sessions and context blobs all initialized, reloaded or unloaded according to the rules and platform environment.
Initialization does not affect the operational characteristics of the TPM (like TPM Ownership). 
Clear is the process of returning the TPM to factory defaults. The clear commands need protection from unauthorized use and must allow for the possibility of changing Owners. The clear process requires authorization to execute and locks to prevent unauthorized operation.
The clear functionality performs the following tasks:
Invalidate SRK. Invalidating the SRK invalidates all protected storage areas below the SRK in the hierarchy. The areas below are not destroyed they just have no mechanism to be loaded anymore.
All TPM volatile and non-volatile data is set to default value except the endorsement key pair. The clear includes the Owner-AuthData, so after performing the clear, the TPM has no Owner. The PCR values are undefined after a clear operation.
The TPM shall return TPM_NOSRK until an Owner is set. After the execution of the clear command, the TPM must go through a power cycle to properly set the PCR values.
The Owner has ultimate control of when a clear occurs.
The Owner can perform the TPM_OwnerClear command using the TPM Owner authorization. If the Owner wishes to disable this clear command and require physical access to perform the clear, the Owner can issue the TPM_DisableOwnerClear command.
During the TPM startup processing anyone with physical access to the machine can issue the TPM_ForceClear command. This command performs the clear. The TPM_DisableForceClear disables the TPM_ForceClear command for the duration of the power cycle. TSS startup code that does not issue the TPM_DisableForceClear leaves the TPM vulnerable to a denial of service attack. The assumption is that the TSS startup code will issue the TPM_DisableForceClear on each power cycle after the TSS determines that it will not be necessary to issue the TPM_ForceClear command. The purpose of the TPM_ForceClear command is to recover from the state where the Owner has lost or forgotten the TPM Ownership token. 
The TPM_ForceClear must only be possible when the issuer has physical access to the platform. The manufacturer of a platform determines the exact definition of physical access.
End of informative comment
1.	The TPM MUST support proper initialization. Initialization MUST properly configure the TPM to execute in the platform environment. 
2.	Initialization MUST ensure that handles, keys, sessions, context blobs and PCR are properly initialized, reloaded or invalidated according to the platform environment.
3.	The description of the platform environment arrives at the TPM in a combination of TPM_Init and TPM_Startup.
24,初始化操作
初始化是从没有启动状态到TPM建立操作环境的过程。
...
初始化不影响TPM的操作特性(例如 TPM所有权).
清除是TPM返回到出厂默认值的过程。清除命令需要保护以免未授权的使用,而且必须允许改变所有权的

可能性。清除过程需要认证来执行和锁定去阻止未授权的操作。
清除功能执行下列任务:
    使SRK无效,使在SRK层次上所有保护的区域无效。它们没有被销毁,只是不再有效。
所有TPM易失性和非易失性数据被设为默认值,除了认可key对。清除包括Owner-AuthData,所以在清除执

行以后,TPM没有所有者。 在清除操作之后PCR值是未定义的。
    在所有者设置之前,TPM应当返回TPM_NOSRK. 在执行清除命令之后,TPM必须经过一个周期来适当的设

置PCR的值。
    所有者拥有对清除发生时最终的控制。
    拥有者可以利用所有者认证来执行TPM_OwnerClear 。如果拥有者希望使这个清楚命令失效,要求物

理存取才能执行清除,所有者可以执行TPM_DisableOwnerClear命令。
    

在TPM启动处理过程中任何物理操作可以执行TPM_ForceClear命令。这个命令执行清除动作。TPM_Disable

ForceClear使TPM_ForceClear命令在启动周期中无效。TSS启动代码没有发布TPM_DisableForceClear命令

让TPM容易遭受攻击。.................
TPM_ForceClear仅当发行者有物理存取平台时才有可能执行。平台的制造商确定物理存取的精确定义。

1,TPM必须支持正确的初始化,初始化必须适当的配置TPM到执行平台环境。
2,初始化必须确保句柄,键,会话,上下文块和PCR是适当的被初始化,根据平台环境重新装载或失效。
3,到达描述的平台环境是TPM_Init和TPM_Startup的组合。
 
阅读(3436) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~