Primary keys are created with the aptly named command TPM2_CreatePrimary. If you're familiar with TPM 1.2, you know that it has one key equivalent to the TPM 2.0 primary key: the storage root key (SRK), which is persistently stored in the TPM. TPM 2.0 permits an unlimited number of primary keys, which don't need to be persistent. Although you might think the number would be limited by the TPM persistent storage, it's not. Primary seeds, described shortly, permit the expansion.

There were two reasons TPM 1.2 could function with one SRK. First, it had only one algorithm and key size for wrapping keys, RSA-2048. The design of TPM 2.0, of course, permits multiple algorithms and key sizes. Second, TPM 1.2 has only one key hierarchy: the storage hierarchy. TPM 2.0 has three hierarchies, each with at least one root. Chapter 9 discussed the general concept of hierarchies and their use cases.

Although end users may use primary keys, they would not typically be creating them. Provisioning software (see Chapter 19) typically performs these steps.
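The following added example (not from the original text) is a simplified model of why primary seeds remove the persistent-storage limit: a primary key is recomputed from the hierarchy's seed and the caller's template, so it can be recreated on demand instead of being stored. The class name and template strings are hypothetical, and the derivation uses only the counter-mode HMAC construction that the TPM 2.0 specification calls KDFa, not the TPM's full key-generation procedure.

```python
import hashlib
import hmac
import os
import struct
from typing import Optional


def kdfa(key: bytes, label: bytes, context: bytes, bits: int) -> bytes:
    """SP 800-108 counter-mode KDF with HMAC-SHA256 (the KDFa construction)."""
    out = b""
    counter = 0
    while len(out) * 8 < bits:
        counter += 1
        msg = (struct.pack(">I", counter) + label + b"\x00"
               + context + struct.pack(">I", bits))
        out += hmac.new(key, msg, hashlib.sha256).digest()
    return out[: bits // 8]


class ToyHierarchy:
    """Hypothetical model of one hierarchy: a secret seed held inside the TPM."""

    def __init__(self, seed: Optional[bytes] = None):
        self._seed = seed if seed is not None else os.urandom(32)

    def create_primary(self, template: bytes, bits: int = 256) -> bytes:
        # Same seed + same template -> same key, so nothing has to be persisted.
        context = hashlib.sha256(template).digest()
        return kdfa(self._seed, b"PRIMARY", context, bits)


def demo() -> dict:
    # Constructed seeds and templates, fixed so the run is repeatable.
    storage = ToyHierarchy(seed=bytes(32))
    endorsement = ToyHierarchy(seed=b"\x01" * 32)
    t256 = b"alg=aes;bits=256;use=storage"
    t128 = b"alg=aes;bits=128;use=storage"
    first = storage.create_primary(t256)
    again = storage.create_primary(t256)  # e.g. recreated after a reboot
    return {
        "regenerated_matches": first == again,
        "other_template_differs": storage.create_primary(t128, 128) != first[:16],
        "other_hierarchy_differs": endorsement.create_primary(t256) != first,
    }


if __name__ == "__main__":
    print(demo())
```

Because each distinct template yields a distinct key, the number of primary keys is bounded by the template space rather than by how many keys fit in persistent storage.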