Scenarios for Using TPM 1.2

In general, the TPM 2.0 design can do anything a TPM 1.2 chip can do. Thus, in considering applications that can use a TPM 2.0 chip, it's wise to first examine the applications that were enabled by the TPM 1.2 design.


The use envisioned for the first embedded security chip was device identification (DeviceID). Smart cards use their keys for this purpose. The private key embedded in the chip identifies the card on which it resides, and an authentication password or PIN is used to authenticate a person to the card; together they form “the thing you have” and “the thing you know” for authentication. Nothing keeps several people from using the same smart card, as long as they all know the PIN. There is also nothing that ties the smart card to a particular machine, which is an advantage when the smart card is used as a proxy for identifying an individual instead of a machine.

By embedding a private key mechanism in a personal computing device, that device can be identified. This is a big advantage for an IT organization, which owns the device and is in control of its software load and security protections. But as computers became more portable with the production of smaller and lighter laptops, the PC itself began to be useful as “the thing you have” in place of a smart card. It turned out that many times, when a smart card was used to authenticate a person to a computer network, the user left the smart card with the device. If one was stolen, both were stolen. As a result, there was no advantage to keeping the two separate.

However, if the password of a key stored in a security chip inside a personal computer was going to be used as a proxy for an individual, it was clear that the key could not reside in only a single computer. The key had to be able to exist in multiple machines, because individuals tend to use more than one device. Further, machines are upgraded on average every 3 to 5 years, and keys must move from an old system to a new system in order to make system management possible.

These realizations led to two of the objectives of the original embedded security chips. They needed keys that identified the device—keys that couldn't be moved to different machines. And they needed keys that identified individuals—keys that could be duplicated across a number of machines. In either case, the keys had to be able to be deleted when an old system was disposed of.

What is the identification used for? There are a large number of uses, including these:

VPN identifying a machine before granting access to a network: An IT organization can be certain that only enterprise-owned machines are allowed on the enterprise's network.

VPN identifying a user before granting access to a network: An IT organization can be certain that only authorized personnel are granted access to an enterprise's network.

User signing e-mail: The recipient of an e-mail can know with some certainty who sent the e-mail.

User decrypting e-mail sent to them: This allows for confidentiality of correspondence.

User identifying themselves to their bank: A user can prevent others from logging in to their account.

User authorizing a payment: A user can prevent others from making payments in their name.

User logging in remotely to a system: Only authorized personnel can log in to a remote system.
