10.1 TPM/ HSM

Type or hardware keys for mobile devices

Chip and PIN debit/credit cards Mobile NFC payment systems Key Cards/Fobs (chave de carro Prius) Smart Cards (for USB access key) DRM dongles (for USB access key)

HSM

Cryptographic key generation, storage, and management.

Cryptographic functions

Encrypt/Decrypt Digital Signature

Which aspects of CIA can an HSM/TPM solution enhance?

Hardware authentication, Integrity

Which type of Cryptography primitives is TPM use?

Hardware pseudo-random number generation

International Mobile Equipment ID

IMEI

Mobile network identifiers?

IMEI vs. IMSI

International Mobile Subscriber ID

IMSI

IMSI?

Identifies customer Usually associated to a SIM card

IMEI?

Identifies handset

Which aspects of CIA can an HSM/TPM solution impact?

Integrity

NO

Mobile-to-mobile encryption is end-to-end?

What is the feature of IMSI Security?

The key canNOT be viewed, duplicated or replaced

TPM

Trusted Platform Module

IMEI (CIA)

identification

IMSI(CIA)

identification and authentication

Main Function of TPM

• Cryptographic key generation and Protection

Hardware Security Module (HSM)

• Removable or external device used for encryption • It is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing.

TPM

• a chip can be installed on the motherboard • Best to be used together with: firewall, antivirus software, smart card, biometric verification. • Vendors: Atmel, Broadcom, Infineon, Sinosun, STMicroelecttronics, Winbond, Toshiba, Intel, etc.

TPM

• is used on almost all PCs, laptops, and tablets; most smartphones. • refers to both the set of specifications for a secure cryptoprocessor and the implementation of these specifications on a chip.