10.1 TPM/HSM
Types of hardware keys for mobile devices
• Chip and PIN debit/credit cards • Mobile NFC payment systems • Key Cards/Fobs (Prius car key) • Smart Cards (for USB access key) • DRM dongles (for USB access key)
HSM
Cryptographic key generation, storage, and management.
Cryptographic functions
• Encrypt/Decrypt • Digital Signature
Which aspects of CIA can an HSM/TPM solution enhance?
Hardware authentication, Integrity
Which type of cryptographic primitive does a TPM use?
Hardware pseudo-random number generation
International Mobile Equipment ID
IMEI
Mobile network identifiers?
IMEI vs. IMSI
International Mobile Subscriber ID
IMSI
IMSI?
• Identifies customer • Usually associated with a SIM card
IMEI?
Identifies handset
Which aspects of CIA can an HSM/TPM solution impact?
Integrity
NO
Mobile-to-mobile encryption is end-to-end?
What is the feature of IMSI Security?
The key canNOT be viewed, duplicated or replaced
TPM
Trusted Platform Module
IMEI (CIA)
identification
IMSI(CIA)
identification and authentication
Main Function of TPM
• Cryptographic key generation and Protection
Hardware Security Module (HSM)
• Removable or external device used for encryption • It is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing.
TPM
• A chip that can be installed on the motherboard • Best used together with: firewall, antivirus software, smart card, biometric verification. • Vendors: Atmel, Broadcom, Infineon, Sinosun, STMicroelectronics, Winbond, Toshiba, Intel, etc.
TPM
• Is used on almost all PCs, laptops, and tablets, and on most smartphones. • Refers to both the set of specifications for a secure cryptoprocessor and the implementation of these specifications on a chip.