A Practical Guide to TPM 2.0: Using the Trusted Platform Module in the New Age of Security by Arthur Will & Challener David
Author:Arthur, Will & Challener, David [Arthur, Will]
Language: eng
Format: epub
ISBN: 9781430265832
Publisher: Apress
Published: 2015-01-27T22:00:00+00:00
This chapter doesn’t describe the various policy authorization commands. Nor does it describe decrypt, encrypt, and audit sessions, other than to note that sessions are the vehicle for setting these.
This chapter uses diagrams, logical flows, and working code examples to illustrate how authorizations and sessions work. This material is foundational to understanding TPM 2.0. Get ready for a deep but rewarding dive.
Session-Related Definitions
Before you delve into this subject, you need to clearly understand some new terms. These are in addition to the terms described in Chapter 5; you should refer to those definitions as well as these while reading this chapter:
Session creation variations: These are set at session creation time and last for the lifetime of the session. They determine how the session and HMAC keys are created and how the HMAC is generated. There are two choices here: bound vs. unbound, and salted vs. unsalted. The combination of these two choices results in four session variations. These are discussed in detail later. For now, here are high-level descriptions:
Bound sessions essentially “bind” the authorization to some entity’s authorization value. This binding is done by including the bind entity’s authorization value in the session key generation. This affects all calculations that depend on the session key, including HMAC, policy, encryption, and decryption calculations.
An unbound session doesn’t use a bind entity’s authorization in the session key generation.
A salted session adds extra entropy, the salt, into the session key generation; as with bound sessions, this affects all calculations that depend on the session key. The extra entropy is sent to the TPM in encrypted form, as the encrypted salt parameter that is passed in to the TPM2_StartAuthSession command.
An unsalted session doesn’t add entropy in this way.
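The four variations can be seen directly in the session key derivation. The following is an added example, not code from the book: it implements the KDFa function and the "ATH" session key derivation as defined in the TPM 2.0 Part 1 specification, and the nonces, authorization value and salt are constructed sample values.

```python
import hashlib
import hmac
import struct

def kdfa(hash_name, key, label, context_u, context_v, bits):
    """KDFa (TPM 2.0 Part 1): SP 800-108 counter mode with HMAC as the PRF."""
    nbytes = bits // 8  # only whole-byte lengths are handled here
    out = b""
    counter = 1
    while len(out) < nbytes:
        msg = (struct.pack(">I", counter) + label + b"\x00"
               + context_u + context_v + struct.pack(">I", bits))
        out += hmac.new(key, msg, hash_name).digest()
        counter += 1
    return out[:nbytes]

def session_key(bind_auth, salt, nonce_tpm, nonce_caller, hash_name="sha256"):
    """sessionKey = KDFa(hash, authValue(bind) || salt, "ATH", nonceTPM, nonceCaller, bits)."""
    secret = bind_auth + salt
    if not secret:
        return b""  # unbound and unsalted: the session has no session key
    bits = hashlib.new(hash_name).digest_size * 8
    return kdfa(hash_name, secret, b"ATH", nonce_tpm, nonce_caller, bits)

# Constructed sample values (assumptions, not taken from the book).
NONCE_TPM = bytes(range(32))
NONCE_CALLER = bytes(range(32, 64))
BIND_AUTH = b"owner-password"
SALT = bytes.fromhex("a5" * 32)  # plaintext salt, after the TPM decrypts the encrypted salt

def four_variations():
    """Session key for each bound/unbound x salted/unsalted combination."""
    return {
        ("unbound", "unsalted"): session_key(b"", b"", NONCE_TPM, NONCE_CALLER),
        ("bound", "unsalted"): session_key(BIND_AUTH, b"", NONCE_TPM, NONCE_CALLER),
        ("unbound", "salted"): session_key(b"", SALT, NONCE_TPM, NONCE_CALLER),
        ("bound", "salted"): session_key(BIND_AUTH, SALT, NONCE_TPM, NONCE_CALLER),
    }

if __name__ == "__main__":
    for variation, key in four_variations().items():
        print(variation, key.hex() or "(empty)")
```

Only the unbound, unsalted session ends up with an empty session key; in the other three, a caller that does not know the bind entity's authorization value or the salt cannot reproduce the key.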