MSC Q7-BT MSC_Q7-BT_User_Manual.pdf 100 / 113
Trusted Platform Module (TPM)
A TPM is a cryptoprocessor that can store cryptographic keys that protect information.
The Trusted Platform Module offers facilities for the secure generation of cryptographic keys, and limitation of their use, in
addition to a hardware pseudo-random number generator. It also includes capabilities such as remote attestation and sealed
storage.
"Remote attestation" creates a nearly unforgeable hash-key summary of the hardware and software configuration. The
program encrypting the data determines how much of the software is covered by the summary. This allows a third party to verify that the
software has not been changed.
"Binding" encrypts data using the TPM endorsement key, a unique RSA key burned into the chip during its production, or
another trusted key descended from it.
"Sealing" encrypts data in a similar manner to binding, but in addition specifies a state the TPM must be in for the
data to be decrypted (unsealed).
Software can use a Trusted Platform Module to authenticate hardware devices. Since each TPM chip has a unique and secret
RSA key burned in as it is produced, it is capable of performing platform authentication. For example, it can be used to verify
that a system seeking access is the expected system.
Reference: http://en.wikipedia.org/wiki/Trusted_Platform_Module
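The distinction between binding and sealing described above, as an added standard-library model that is not part of the manual and not the TPM's real interface: it assumes a SHA-256 PCR bank, a constructed chip secret standing in for the key burned into the chip, an HMAC-derived keystream in place of the TPM's RSA/AES wrapping, and a boot layout where PCR0 records the firmware and PCR4 the bootloader.

```python
import hashlib
import hmac
from typing import Dict, Optional, Tuple

# Constructed stand-in for the secret RSA key burned into the chip; in a
# real TPM this key never leaves the device.
CHIP_SECRET = hashlib.sha256(b"constructed-chip-secret").digest()
PCR_INIT = bytes(32)  # PCRs start at zero on reset

def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM extend operation: PCR_new = SHA-256(PCR_old || SHA-256(measurement))."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()

def boot_pcrs(firmware: bytes, bootloader: bytes) -> Dict[int, bytes]:
    """Measured boot: PCR0 records the firmware, PCR4 the bootloader (assumed layout)."""
    return {0: pcr_extend(PCR_INIT, firmware), 4: pcr_extend(PCR_INIT, bootloader)}

def policy_digest(pcrs: Dict[int, bytes]) -> bytes:
    """Collapse the selected PCRs into one digest: the 'state' a seal requires."""
    h = hashlib.sha256()
    for index in sorted(pcrs):
        h.update(index.to_bytes(2, "big") + pcrs[index])
    return h.digest()

def _keystream(key: bytes, length: int) -> bytes:
    """HMAC-based keystream so the model needs only the standard library."""
    blocks = [hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(length // 32 + 1)]
    return b"".join(blocks)[:length]

def seal(data: bytes, pcrs: Dict[int, bytes]) -> Tuple[bytes, bytes]:
    """Binding encrypts under the chip-bound key; sealing also ties that key to the PCR state."""
    policy = policy_digest(pcrs)
    key = hmac.new(CHIP_SECRET, b"seal" + policy, hashlib.sha256).digest()
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))
    return policy, ct + hmac.new(key, ct, hashlib.sha256).digest()

def unseal(blob: Tuple[bytes, bytes], pcrs: Dict[int, bytes]) -> Optional[bytes]:
    """Release the plaintext only when the current PCRs reproduce the sealed policy."""
    policy, body = blob
    if not hmac.compare_digest(policy, policy_digest(pcrs)):
        return None  # platform state differs from the one the data was sealed to
    key = hmac.new(CHIP_SECRET, b"seal" + policy, hashlib.sha256).digest()
    ct, tag = body[:-32], body[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        return None  # ciphertext was altered
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, len(ct))))
```

A changed firmware or bootloader measurement yields different PCRs, so the sealed blob stays undecryptable until the expected software is booted again.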
TXT (Trusted Execution Technology)
Due to the complexity of this feature, please visit
http://www.intel.com/content/dam/www/public/us/en/documents/white-papers/trusted-execution-technology-security-paper.pdf
Note: To use this feature, VT, VT-d, SMX and TPM must be enabled.