Dynamic key management with individual key revocation for TPM
YU Fajiang, CHEN Yuchi, ZHANG Huanguo
Key Laboratory of Aerospace Information Security and Trusted Computing of Ministry of Education, School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, China
Abstract: The trusted platform module (TPM) has limited internal memory, so most keys must be saved outside the TPM, and such systems require a mechanism to revoke individual keys saved outside the module. A dynamic key management mechanism with a dynamic key management tree and a chameleon hash function was developed to store application keys in leaf nodes. The TPM then uses a secret key to append new keys and update or revoke old keys without modifying any other keys. Only the leftmost node of each level in the tree is stored inside the TPM; all other nodes are stored outside. When updating or revoking an old key, the TPM traverses all the nodes on the path from the corresponding leaf node to the node stored inside the TPM. The required internal memory size for key updates or revocation with this scheme is a logarithmic function of the total number of keys, which is much more efficient than previous schemes. This dynamic key management mechanism is compatible with existing applications and can be adapted to any embedded crypto-module.
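The following added example (not code from the paper) illustrates the chameleon hash primitive named in the abstract: whoever holds the trapdoor can replace the hashed value and compute new randomness so that the digest stays the same. The abstract does not say which chameleon hash the scheme uses or how the tree applies it, so the discrete-log construction, the toy group parameters, the function names and the sample key strings are all assumptions made for illustration.

```python
import hashlib
import secrets

# Toy group, constructed for this example and far too small for real use:
# safe prime P = 2*Q + 1, and G generates the subgroup of prime order Q.
P, Q, G = 1019, 509, 4

def to_zq(data: bytes) -> int:
    """Map key material to an exponent in Z_Q."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def keygen():
    """Return (trapdoor x, public key y = G^x mod P)."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def ch(y: int, msg: bytes, r: int) -> int:
    """Chameleon hash CH(m, r) = G^m * y^r mod P."""
    return (pow(G, to_zq(msg), P) * pow(y, r, P)) % P

def collide(x: int, old_msg: bytes, old_r: int, new_msg: bytes) -> int:
    """With trapdoor x, find r' such that CH(new_msg, r') == CH(old_msg, old_r)."""
    # m + x*r = m' + x*r' (mod Q)  =>  r' = r + (m - m') * x^-1 (mod Q)
    return (old_r + (to_zq(old_msg) - to_zq(new_msg)) * pow(x, -1, Q)) % Q

def demo():
    """Replace a hashed value using the trapdoor; return digests before and after."""
    x, y = keygen()
    old_key = b"app-key-v1 (constructed sample)"
    new_key = b"app-key-v2 (constructed sample)"
    r = secrets.randbelow(Q)
    digest = ch(y, old_key, r)
    r_new = collide(x, old_key, r, new_key)
    return digest, ch(y, new_key, r_new)

if __name__ == "__main__":
    before, after = demo()
    print("digest unchanged after replacing the hashed value:", before == after)
```

Without the trapdoor `x`, finding such an `r'` requires solving a discrete logarithm in the group, which is why the parameters above must be replaced by a cryptographically sized group in any real use.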