Key split combination procedures internal to TPM #3403

Open
dadiestfish2077 opened this issue Jun 1, 2024 · 0 comments

The TPM Tools need the ability to perform key combination procedures internal to the hardware, thereby never exposing keying material to external memory.

For example, I have a system that has one key half inside a TPM. The other key half comes from the user at runtime. I want to load the second key half into the TPM and I need the TPM to perform a key combination procedure, such as XORing and hashing, all within its internal memory. I need this combined key to stay in the TPM and be used while never being exposed to memory.

I'm surprised to see that something like this is not currently supported. I think it should be, as it is a common requirement to have external keying material loaded from the environment while also having the requirement that keys should never be exposed to memory.
