TPM 9672 Tamper proof Keys and Certificates

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob
Dev_2048
Level 1
Level 1
10 sign-ins First solution authored 5 sign-ins

Hi all,

I want to secure the RootCA/Keys from being tampered with or altered on the device.

How to do a Proof of Concept for the same, proving RootCA/Keys generated by TPM9672 cannot be tampered?

TPM9672 can wrap keys and password-protected "tpm2tss-genkey -a rsa -s 2048 ./tpm2/tpm_wrapped_keys/client. Key -p passw0rd" but is not able to conclude POC.


Thank You!

@Sneha_P 

0 Likes
1 Solution
Dev_2048
Level 1
Level 1
10 sign-ins First solution authored 5 sign-ins

Hi @Sneha_P

Thank you for the information provided. It's really helpful.
I'm working on it. The Root of Trust for Storage can fulfill the requirements for Proof of Concept. 
I will let you know if any further information is needed. 

View solution in original post

0 Likes
2 Replies
Sneha_P
Moderator
Moderator
Moderator
250 replies posted 250 sign-ins First comment on blog

Hi @Dev_2048,

OPTIGA TPMs are TCG compliant and the hardware and firmware are evaluated by CC (Common Criteria) and FIPS. According to TCG Protection Profile, TPM 2.0 products demonstrate FIPS 140-2 Level 2 and EAL4+ CC certification making it tamper-resistant.
TCG Protection Profile for PC Client Specific TPM 1.2 Version 1.3 Revision 116 .

0 Likes
Dev_2048
Level 1
Level 1
10 sign-ins First solution authored 5 sign-ins

Hi @Sneha_P

Thank you for the information provided. It's really helpful.
I'm working on it. The Root of Trust for Storage can fulfill the requirements for Proof of Concept. 
I will let you know if any further information is needed. 

0 Likes