* [tpm2] Re: How to store AES key inside the TPM and then use it?
@ 2022-02-04  9:29 Gabriele Saturni
  0 siblings, 0 replies; 12+ messages in thread
From: Gabriele Saturni @ 2022-02-04  9:29 UTC (permalink / raw)
  To: tpm2


Ok guys, thanks a lot for the help! Googling, I found these commands; can you
confirm that this is the correct procedure?

1) echo "That is my secret" > secret.txt

2) tpm2_createprimary -c primary.ctx -Q   # create primary context

3) tpm2_pcrread -Q -o pcr.bin sha256:x,y,z   # read the hash of PCR registers x,y,z and save it in a file

4) tpm2_createpolicy -Q --policy-pcr -l sha256:x,y,z -f pcr.bin -L pcr.policy   # use the file created in the previous step to create a policy

5) tpm2_create -C primary.ctx -L pcr.policy -i secret.txt -u seal.pub -r seal.priv -c seal.ctx -Q   # seal the secret in the TPM using the policy

6) tpm2_load -Q -C primary.ctx -u seal.pub -r seal.priv -n seal.name -c seal.ctx   # load the sensitive portion in the TPM.


Then for unseal:

tpm2_unseal -c seal.ctx -p pcr:sha256:x,y,z

Moreover, I have just one question: after step 6, can I safely delete
the files primary.ctx, seal.pub and seal.priv, since they are loaded
inside the TPM?

Thanks again for your help.


On Thu, 3 Feb 2022 at 18:31 Kenneth Goldman <kgoldman(a)us.ibm.com>
wrote:

> I do not advise this.  There are very few (perhaps 7) persistent object
> slots, and many are used by OS-level functions.  It is a waste of a scarce
> resource.
>
>
>
> General TPM principle - use TPM NV only when absolutely necessary.
>
>
>
> *From:* Steven Clark <davolfman(a)gmail.com>
> *Sent:* Wednesday, February 2, 2022 10:28 PM
> *To:* Kenneth Goldman <kgoldman(a)us.ibm.com>
> *Cc:* Gabriele Saturni <gabriele.saturni(a)wsense.it>; tpm2 <
> tpm2(a)lists.01.org>
> *Subject:* [EXTERNAL] [tpm2] Re: How to store AES key inside the TPM and
> then use it?
>
>
>
> For small data it's also possible to store it sealed as a "keyedhash" and
> put it in one of the NVM "persistent object" locations as if it's a key.
>
>
>
> On Wed, Feb 2, 2022, 1:06 PM Kenneth Goldman <kgoldman(a)us.ibm.com> wrote:
>
> There are two ways.  Note that, since you're encrypting outside the TPM,
> the 'key' is just a byte stream to the TPM.
>
>
>
> 1.       If you have storage available, create the key as sealed data
> using 'create'.  Retrieve the key with 'unseal', with application specific
> authorization for the unseal operation.
>
> 2.       If you have no external storage available, create the key as an
> NV index using NVdefinespace. Retrieve the key using NV read, again with
> application specific authorization for the read.
>
>
>
>


* [tpm2] Re: How to store AES key inside the TPM and then use it?
@ 2022-02-07 18:44 Roberts, William C
  0 siblings, 0 replies; 12+ messages in thread
From: Roberts, William C @ 2022-02-07 18:44 UTC (permalink / raw)
  To: tpm2


+2 with what Ken said. Don't use persistent objects, just tpm2_load the public/private blobs if possible.
Also, when unsealing, you should use an encrypted session, started with a key you verify so folks
cannot snoop your key on the bus if that's an attack you're defending against in your threat model.

Bill

________________________________
From: Gabriele Saturni <gabriele.saturni(a)wsense.it>
Sent: Monday, February 7, 2022 3:14 AM
To: Kenneth Goldman <kgoldman(a)us.ibm.com>
Cc: tpm2 <tpm2(a)lists.01.org>
Subject: [tpm2] Re: How to store AES key inside the TPM and then use it?

Hi guys, thanks again for the big help.
@Steven Clark <davolfman(a)gmail.com> thanks, the hint of using elliptic curve crypto could be very useful in order to reduce the overhead.

@Kenneth Goldman <kgoldman(a)us.ibm.com> you're right, I've noticed that using that procedure the context blobs are not loadable after reboot. However, I solved this issue by making the object persistently available on the TPM, at a specific address, using the evictcontrol command. In this case I can delete all the generated files and retrieve the secret with only the unseal command and the address at which the object was stored.

Thanks again for the help!



On Sat, 5 Feb 2022 at 18:04 Kenneth Goldman <kgoldman(a)us.ibm.com> wrote:

Caution - context blobs may not be loadable after a reboot.  It depends how it's created.  Invalidating context blobs on reboot is sometimes desired.



This is a high-level question.  It depends on the application security design.



Me - I'd keep the public and private parts.  They're very small.



From: Steven Clark <davolfman(a)gmail.com>
Sent: Friday, February 4, 2022 9:14 PM
To: Gabriele Saturni <gabriele.saturni(a)wsense.it>
Cc: Kenneth Goldman <kgoldman(a)us.ibm.com>; tpm2 <tpm2(a)lists.01.org>
Subject: [EXTERNAL] Re: [tpm2] Re: How to store AES key inside the TPM and then use it?

I think none of them are stored in the TPM.  But if you create a primary key with an identical procedure in the future you'll get the same key.  Also it might be in the context file but I'm not sure.  So creating primaries that are ECC keys is beneficial because generation is orders of magnitude faster than RSA.



Also your secret is now in the context blob so you don't need the pub and priv regions anymore.

On Fri, Feb 4, 2022, 1:29 AM Gabriele Saturni <gabriele.saturni(a)wsense.it> wrote:

Ok guys, thanks a lot for the help! Googling, I found these commands; can you confirm that this is the correct procedure?

1) echo "That is my secret" > secret.txt

2) tpm2_createprimary -c primary.ctx -Q   # create primary context

3) tpm2_pcrread -Q -o pcr.bin sha256:x,y,z   # read the hash of PCR registers x,y,z and save it in a file

4) tpm2_createpolicy -Q --policy-pcr -l sha256:x,y,z -f pcr.bin -L pcr.policy   # use the file created in the previous step to create a policy

5) tpm2_create -C primary.ctx -L pcr.policy -i secret.txt -u seal.pub -r seal.priv -c seal.ctx -Q   # seal the secret in the TPM using the policy

6) tpm2_load -Q -C primary.ctx -u seal.pub -r seal.priv -n seal.name -c seal.ctx   # load the sensitive portion in the TPM.

Then for unseal:

tpm2_unseal -c seal.ctx -p pcr:sha256:x,y,z

Moreover, I have just one question: after step 6, can I safely delete the files primary.ctx, seal.pub and seal.priv, since they are loaded inside the TPM?

Thanks again for your help.



On Thu, 3 Feb 2022 at 18:31 Kenneth Goldman <kgoldman(a)us.ibm.com> wrote:

I do not advise this.  There are very few (perhaps 7) persistent object slots, and many are used by OS-level functions.  It is a waste of a scarce resource.



General TPM principle - use TPM NV only when absolutely necessary.



From: Steven Clark <davolfman(a)gmail.com>
Sent: Wednesday, February 2, 2022 10:28 PM
To: Kenneth Goldman <kgoldman(a)us.ibm.com>
Cc: Gabriele Saturni <gabriele.saturni(a)wsense.it>; tpm2 <tpm2(a)lists.01.org>
Subject: [EXTERNAL] [tpm2] Re: How to store AES key inside the TPM and then use it?



For small data it's also possible to store it sealed as a "keyedhash" and put it in one of the NVM "persistent object" locations as if it's a key.



On Wed, Feb 2, 2022, 1:06 PM Kenneth Goldman <kgoldman(a)us.ibm.com> wrote:

There are two ways.  Note that, since you're encrypting outside the TPM, the 'key' is just a byte stream to the TPM.



1.       If you have storage available, create the key as sealed data using 'create'.  Retrieve the key with 'unseal', with application specific authorization for the unseal operation.

2.       If you have no external storage available, create the key as an NV index using NVdefinespace. Retrieve the key using NV read, again with application specific authorization for the read.



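The procedure from Gabriele's Feb 4 message, reworked along the lines of Ken's and Bill's replies (keep the small public/private blobs and re-load them instead of burning a persistent handle; re-derive the primary on each boot; unseal through a salted, encrypted session on a key whose name you have pinned). This is an added example, not code from the thread or from the tpm2-tools project. It assumes tpm2-tools 5.x (in particular the -c salt-key option of tpm2_startauthsession and the tools' use of a salted session for parameter encryption), an owner hierarchy with empty auth, a SHA-256 PCR bank with PCRs 0 and 7 standing in for x,y,z, and the file, directory and function names shown. The name_matches_pin check is a plain shell comparison of the binary name files written by tpm2_readpublic -n and needs no TPM.

```shell
#!/bin/sh
# Added example (not from the thread): seal a pre-made AES key under a PCR
# policy, keep only the public/private blobs on disk (no persistent handle),
# and unseal it later through a salted session whose salt key is pinned by
# name. Assumes tpm2-tools 5.x, a SHA-256 PCR bank and an owner hierarchy
# with empty auth. PCR numbers, paths and function names are placeholders
# chosen for this example.
set -eu

PCRS="sha256:0,7"              # stand-in for the thread's sha256:x,y,z
WORK="${WORK:-./tpm-seal}"     # where blobs, names and contexts live

hex_of() {
    # Lower-case hex of a file's bytes with no whitespace (POSIX od + tr).
    od -An -v -tx1 "$1" | tr -d ' \n'
}

name_matches_pin() {
    # $1: name pinned at provisioning, $2: name read just now. Both hold
    # the raw TPM2B_NAME bytes written by 'tpm2_readpublic -n'. Missing
    # or empty files never match.
    [ -s "$1" ] && [ -s "$2" ] && [ "$(hex_of "$1")" = "$(hex_of "$2")" ]
}

create_primary() {
    # A primary is re-derived from the hierarchy seed and this template, so
    # the same command gives the same key after a reboot; primary.ctx is
    # only a cache. ECC is far quicker to create than RSA. $1 receives the
    # object's name for pinning or for checking against the pin.
    mkdir -p "$WORK"
    tpm2_createprimary -Q -C o -g sha256 -G ecc -c "$WORK/primary.ctx"
    tpm2_readpublic -Q -c "$WORK/primary.ctx" -n "$1"
}

provision() {
    # $1: file holding the raw AES key (e.g. head -c 32 /dev/urandom > key.bin)
    create_primary "$WORK/primary.name"     # pin the name once, on a trusted setup
    tpm2_pcrread -Q -o "$WORK/pcr.bin" "$PCRS"
    tpm2_createpolicy -Q --policy-pcr -l "$PCRS" -f "$WORK/pcr.bin" -L "$WORK/pcr.policy"
    # No userwithauth: the object has no password, so the only way to
    # unseal is to satisfy the PCR policy. Only the two blobs are kept;
    # nothing is made persistent, so no scarce handle slot is consumed.
    tpm2_create -Q -C "$WORK/primary.ctx" -L "$WORK/pcr.policy" \
        -a "fixedtpm|fixedparent" -i "$1" \
        -u "$WORK/seal.pub" -r "$WORK/seal.priv"
    tpm2_flushcontext -t
    rm -f "$WORK/pcr.bin" "$WORK/pcr.policy" "$WORK/primary.ctx"
}

unseal() {
    # Re-derive the primary and refuse to go on if its name differs from
    # the pinned one: the session salt would otherwise be encrypted to a
    # key that is not this TPM's primary (e.g. an interposer on the bus).
    create_primary "$WORK/primary.now"
    if ! name_matches_pin "$WORK/primary.name" "$WORK/primary.now"; then
        echo "primary key name mismatch, refusing to unseal" >&2
        return 1
    fi
    tpm2_load -Q -C "$WORK/primary.ctx" -u "$WORK/seal.pub" -r "$WORK/seal.priv" \
        -c "$WORK/seal.ctx"
    # Policy session salted with the primary: the session key is derived
    # from the salt and the unseal response is encrypted with it, so the
    # key bytes do not cross the bus in clear.
    tpm2_startauthsession -Q -S "$WORK/session.ctx" --policy-session -c "$WORK/primary.ctx"
    tpm2_policypcr -Q -S "$WORK/session.ctx" -l "$PCRS"
    tpm2_unseal -c "$WORK/seal.ctx" -p "session:$WORK/session.ctx"   # raw key on stdout
    tpm2_flushcontext "$WORK/session.ctx"
    tpm2_flushcontext -t
}

case "${1:-}" in
    provision) provision "${2:?usage: $0 provision KEYFILE}" ;;
    unseal)    unseal ;;
    "")        ;;   # no arguments: only define the functions (e.g. when sourced)
    *)         echo "usage: $0 provision KEYFILE | unseal" >&2; exit 2 ;;
esac
```

Run it once as "provision key.bin" on a trusted setup and as "unseal" at each boot, piping the unsealed bytes straight into the consumer rather than writing them to disk. The pinned name is only as trustworthy as the storage it sits in: for a product, compile it into the application or keep it on read-only media instead of next to the blobs, and record it over a path you trust (a bus interposer present at provisioning could hand you its own public key to pin).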

* [tpm2] Re: How to store AES key inside the TPM and then use it?
@ 2022-02-07 18:40 Roberts, William C
  0 siblings, 0 replies; 12+ messages in thread
From: Roberts, William C @ 2022-02-07 18:40 UTC (permalink / raw)
  To: tpm2


Intel TPMs support AES, but it's not widely available in other TPMs. It's better to "seal" the key to the TPM and then "unseal"
it as you need it and use it in software crypto. See "Seal Data to the TPM" in examples: https://tpm2-tools.readthedocs.io/en/stable/man/tpm2_create.1/

Bill
________________________________
From: Steven Clark <davolfman(a)gmail.com>
Sent: Wednesday, February 2, 2022 12:07 PM
To: Gabriele Saturni <gabriele.saturni(a)wsense.it>
Cc: tpm2 <tpm2(a)lists.01.org>
Subject: [tpm2] Re: How to store AES key inside the TPM and then use it?

As far as I know, no one produces a TPM with bulk symmetric encryption features.  It would be both slow and likely to have export law problems.

On Wed, Feb 2, 2022, 9:32 AM Gabriele Saturni <gabriele.saturni(a)wsense.it> wrote:
Hi to everybody,
I'm pretty new to the TPM and looking for a way to store a premade AES key inside the TPM and retrieve it for encrypting the data of my application. Is there any way to do it, since a lot of TPMs do not support AES?

Thank you for your time
_______________________________________________
tpm2 mailing list -- tpm2(a)lists.01.org
To unsubscribe send an email to tpm2-leave(a)lists.01.org


* [tpm2] Re: How to store AES key inside the TPM and then use it?
@ 2022-02-07  9:14 Gabriele Saturni
  0 siblings, 0 replies; 12+ messages in thread
From: Gabriele Saturni @ 2022-02-07  9:14 UTC (permalink / raw)
  To: tpm2


Hi guys, thanks again for the big help.
@Steven Clark <davolfman(a)gmail.com> thanks, the hint of using elliptic
curve crypto could be very useful in order to reduce the overhead.

@Kenneth Goldman <kgoldman(a)us.ibm.com> you're right, I've noticed that
using that procedure the context blobs are not loadable after reboot.
However, I solved this issue by making the object persistently available on
the TPM, at a specific address, using the *evictcontrol* command. In this
case I can delete all the generated files and retrieve the secret with only
the unseal command and the address at which the object was stored.

Thanks again for the help!



On Sat, 5 Feb 2022 at 18:04 Kenneth Goldman <kgoldman(a)us.ibm.com>
wrote:

> Caution - context blobs may not be loadable after a reboot.  It depends
> how it's created.  Invalidating context blobs on reboot is sometimes
> desired.
>
>
>
> This is a high-level question.  It depends on the application security
> design.
>
>
>
> Me - I'd keep the public and private parts.  They're very small.
>
>
>
> *From:* Steven Clark <davolfman(a)gmail.com>
> *Sent:* Friday, February 4, 2022 9:14 PM
> *To:* Gabriele Saturni <gabriele.saturni(a)wsense.it>
> *Cc:* Kenneth Goldman <kgoldman(a)us.ibm.com>; tpm2 <tpm2(a)lists.01.org>
> *Subject:* [EXTERNAL] Re: [tpm2] Re: How to store AES key inside the TPM
> and then use it?
>
> I think none of them are stored in the TPM.  But if you create a primary
> key with an identical procedure in the future you'll get the same key.
> Also it might be in the context file but I'm not sure.  So creating
> primaries that are ECC keys is beneficial because generation is orders of
> magnitude faster than RSA.
>
>
>
> Also your secret is now in the context blob so you don't need the pub and
> priv regions anymore.
>
> On Fri, Feb 4, 2022, 1:29 AM Gabriele Saturni <gabriele.saturni(a)wsense.it>
> wrote:
>
> Ok guys, thanks a lot for the help! Googling, I found these commands; can you
> confirm that this is the correct procedure?
>
> 1) echo "That is my secret" > secret.txt
>
> 2) tpm2_createprimary -c primary.ctx -Q   # create primary context
>
> 3) tpm2_pcrread -Q -o pcr.bin sha256:x,y,z   # read the hash of PCR registers x,y,z and save it in a file
>
> 4) tpm2_createpolicy -Q --policy-pcr -l sha256:x,y,z -f pcr.bin -L pcr.policy   # use the file created in the previous step to create a policy
>
> 5) tpm2_create -C primary.ctx -L pcr.policy -i secret.txt -u seal.pub -r seal.priv -c seal.ctx -Q   # seal the secret in the TPM using the policy
>
> 6) tpm2_load -Q -C primary.ctx -u seal.pub -r seal.priv -n seal.name -c seal.ctx   # load the sensitive portion in the TPM.
>
> Then for unseal:
>
> tpm2_unseal -c seal.ctx -p pcr:sha256:x,y,z
>
> Moreover, I have just one question: after step 6, can I safely delete the files primary.ctx, seal.pub and seal.priv, since they are loaded inside the TPM?
>
> Thanks again for your help.
>
>
>
> On Thu, 3 Feb 2022 at 18:31 Kenneth Goldman <kgoldman(a)us.ibm.com> wrote:
>
> I do not advise this.  There are very few (perhaps 7) persistent object
> slots, and many are used by OS-level functions.  It is a waste of a scarce
> resource.
>
>
>
> General TPM principle - use TPM NV only when absolutely necessary.
>
>
>
> *From:* Steven Clark <davolfman(a)gmail.com>
> *Sent:* Wednesday, February 2, 2022 10:28 PM
> *To:* Kenneth Goldman <kgoldman(a)us.ibm.com>
> *Cc:* Gabriele Saturni <gabriele.saturni(a)wsense.it>; tpm2 <
> tpm2(a)lists.01.org>
> *Subject:* [EXTERNAL] [tpm2] Re: How to store AES key inside the TPM and
> then use it?
>
>
>
> For small data it's also possible to store it sealed as a "keyedhash" and
> put it in one of the NVM "persistent object" locations as if it's a key.
>
>
>
> On Wed, Feb 2, 2022, 1:06 PM Kenneth Goldman <kgoldman(a)us.ibm.com> wrote:
>
> There are two ways.  Note that, since you're encrypting outside the TPM,
> the 'key' is just a byte stream to the TPM.
>
>
>
> 1.       If you have storage available, create the key as sealed data
> using 'create'.  Retrieve the key with 'unseal', with application specific
> authorization for the unseal operation.
>
> 2.       If you have no external storage available, create the key as an
> NV index using NVdefinespace. Retrieve the key using NV read, again with
> application specific authorization for the read.
>
>
>
>


* [tpm2] Re: How to store AES key inside the TPM and then use it?
@ 2022-02-05 17:04 Kenneth Goldman
  0 siblings, 0 replies; 12+ messages in thread
From: Kenneth Goldman @ 2022-02-05 17:04 UTC (permalink / raw)
  To: tpm2


Caution - context blobs may not be loadable after a reboot.  It depends how it's created.  Invalidating context blobs on reboot is sometimes desired.

This is a high-level question.  It depends on the application security design.

Me - I'd keep the public and private parts.  They're very small.

From: Steven Clark <davolfman(a)gmail.com>
Sent: Friday, February 4, 2022 9:14 PM
To: Gabriele Saturni <gabriele.saturni(a)wsense.it>
Cc: Kenneth Goldman <kgoldman(a)us.ibm.com>; tpm2 <tpm2(a)lists.01.org>
Subject: [EXTERNAL] Re: [tpm2] Re: How to store AES key inside the TPM and then use it?
I think none of them are stored in the TPM.  But if you create a primary key with an identical procedure in the future you'll get the same key.  Also it might be in the context file but I'm not sure.  So creating primaries that are ECC keys is beneficial because generation is orders of magnitude faster than RSA.

Also your secret is now in the context blob so you don't need the pub and priv regions anymore.
On Fri, Feb 4, 2022, 1:29 AM Gabriele Saturni <gabriele.saturni(a)wsense.it> wrote:
Ok guys, thanks a lot for the help! Googling, I found these commands; can you confirm that this is the correct procedure?

1) echo "That is my secret" > secret.txt

2) tpm2_createprimary -c primary.ctx -Q   # create primary context

3) tpm2_pcrread -Q -o pcr.bin sha256:x,y,z   # read the hash of PCR registers x,y,z and save it in a file

4) tpm2_createpolicy -Q --policy-pcr -l sha256:x,y,z -f pcr.bin -L pcr.policy   # use the file created in the previous step to create a policy

5) tpm2_create -C primary.ctx -L pcr.policy -i secret.txt -u seal.pub -r seal.priv -c seal.ctx -Q   # seal the secret in the TPM using the policy

6) tpm2_load -Q -C primary.ctx -u seal.pub -r seal.priv -n seal.name -c seal.ctx   # load the sensitive portion in the TPM.

Then for unseal:

tpm2_unseal -c seal.ctx -p pcr:sha256:x,y,z

Moreover, I have just one question: after step 6, can I safely delete the files primary.ctx, seal.pub and seal.priv, since they are loaded inside the TPM?

Thanks again for your help.

On Thu, 3 Feb 2022 at 18:31 Kenneth Goldman <kgoldman(a)us.ibm.com> wrote:
I do not advise this.  There are very few (perhaps 7) persistent object slots, and many are used by OS-level functions.  It is a waste of a scarce resource.

General TPM principle - use TPM NV only when absolutely necessary.

From: Steven Clark <davolfman(a)gmail.com>
Sent: Wednesday, February 2, 2022 10:28 PM
To: Kenneth Goldman <kgoldman(a)us.ibm.com>
Cc: Gabriele Saturni <gabriele.saturni(a)wsense.it>; tpm2 <tpm2(a)lists.01.org>
Subject: [EXTERNAL] [tpm2] Re: How to store AES key inside the TPM and then use it?

For small data it's also possible to store it sealed as a "keyedhash" and put it in one of the NVM "persistent object" locations as if it's a key.

On Wed, Feb 2, 2022, 1:06 PM Kenneth Goldman <kgoldman(a)us.ibm.com> wrote:
There are two ways.  Note that, since you're encrypting outside the TPM, the 'key' is just a byte stream to the TPM.


1.       If you have storage available, create the key as sealed data using 'create'.  Retrieve the key with 'unseal', with application specific authorization for the unseal operation.

2.       If you have no external storage available, create the key as an NV index using NVdefinespace. Retrieve the key using NV read, again with application specific authorization for the read.



* [tpm2] Re: How to store AES key inside the TPM and then use it?
@ 2022-02-05  2:14 Steven Clark
  0 siblings, 0 replies; 12+ messages in thread
From: Steven Clark @ 2022-02-05  2:14 UTC (permalink / raw)
  To: tpm2


I think none of them are stored in the TPM.  But if you create a primary
key with an identical procedure in the future you'll get the same key.
Also it might be in the context file but I'm not sure.  So creating
primaries that are ECC keys is beneficial because generation is orders of
magnitude faster than RSA.
Also your secret is now in the context blob so you don't need the pub and
priv regions anymore.

On Fri, Feb 4, 2022, 1:29 AM Gabriele Saturni <gabriele.saturni(a)wsense.it>
wrote:

> Ok guys, thanks a lot for the help! Googling, I found these commands; can you
> confirm that this is the correct procedure?
>
> 1) echo "That is my secret" > secret.txt
>
> 2) tpm2_createprimary -c primary.ctx -Q   # create primary context
>
> 3) tpm2_pcrread -Q -o pcr.bin sha256:x,y,z   # read the hash of PCR registers x,y,z and save it in a file
>
> 4) tpm2_createpolicy -Q --policy-pcr -l sha256:x,y,z -f pcr.bin -L pcr.policy   # use the file created in the previous step to create a policy
>
> 5) tpm2_create -C primary.ctx -L pcr.policy -i secret.txt -u seal.pub -r seal.priv -c seal.ctx -Q   # seal the secret in the TPM using the policy
>
> 6) tpm2_load -Q -C primary.ctx -u seal.pub -r seal.priv -n seal.name -c seal.ctx   # load the sensitive portion in the TPM.
>
>
> Then for unseal:
>
> tpm2_unseal -c seal.ctx -p pcr:sha256:x,y,z
>
> Moreover, I have just one question: after step 6, can I safely delete the files primary.ctx, seal.pub and seal.priv, since they are loaded inside the TPM?
>
> Thanks again for your help.
>
>
> On Thu, 3 Feb 2022 at 18:31 Kenneth Goldman <kgoldman(a)us.ibm.com> wrote:
>
>> I do not advise this.  There are very few (perhaps 7) persistent object
>> slots, and many are used by OS-level functions.  It is a waste of a scarce
>> resource.
>>
>>
>>
>> General TPM principle - use TPM NV only when absolutely necessary.
>>
>>
>>
>> *From:* Steven Clark <davolfman(a)gmail.com>
>> *Sent:* Wednesday, February 2, 2022 10:28 PM
>> *To:* Kenneth Goldman <kgoldman(a)us.ibm.com>
>> *Cc:* Gabriele Saturni <gabriele.saturni(a)wsense.it>; tpm2 <
>> tpm2(a)lists.01.org>
>> *Subject:* [EXTERNAL] [tpm2] Re: How to store AES key inside the TPM and
>> then use it?
>>
>>
>>
>> For small data it's also possible to store it sealed as a "keyedhash" and
>> put it in one of the NVM "persistent object" locations as if it's a key.
>>
>>
>>
>> On Wed, Feb 2, 2022, 1:06 PM Kenneth Goldman <kgoldman(a)us.ibm.com> wrote:
>>
>> There are two ways.  Note that, since you're encrypting outside the TPM,
>> the 'key' is just a byte stream to the TPM.
>>
>>
>>
>> 1.       If you have storage available, create the key as sealed data
>> using 'create'.  Retrieve the key with 'unseal', with application specific
>> authorization for the unseal operation.
>>
>> 2.       If you have no external storage available, create the key as an
>> NV index using NVdefinespace. Retrieve the key using NV read, again with
>> application specific authorization for the read.
>>
>>
>>
>>


* [tpm2] Re: How to store AES key inside the TPM and then use it?
@ 2022-02-03 17:31 Kenneth Goldman
  0 siblings, 0 replies; 12+ messages in thread
From: Kenneth Goldman @ 2022-02-03 17:31 UTC (permalink / raw)
  To: tpm2


I do not advise this.  There are very few (perhaps 7) persistent object slots, and many are used by OS-level functions.  It is a waste of a scarce resource.

General TPM principle - use TPM NV only when absolutely necessary.

From: Steven Clark <davolfman(a)gmail.com>
Sent: Wednesday, February 2, 2022 10:28 PM
To: Kenneth Goldman <kgoldman(a)us.ibm.com>
Cc: Gabriele Saturni <gabriele.saturni(a)wsense.it>; tpm2 <tpm2(a)lists.01.org>
Subject: [EXTERNAL] [tpm2] Re: How to store AES key inside the TPM and then use it?

For small data it's also possible to store it sealed as a "keyedhash" and put it in one of the NVM "persistent object" locations as if it's a key.

On Wed, Feb 2, 2022, 1:06 PM Kenneth Goldman <kgoldman(a)us.ibm.com> wrote:
There are two ways.  Note that, since you're encrypting outside the TPM, the 'key' is just a byte stream to the TPM.


1.       If you have storage available, create the key as sealed data using 'create'.  Retrieve the key with 'unseal', with application specific authorization for the unseal operation.

2.       If you have no external storage available, create the key as an NV index using NVdefinespace. Retrieve the key using NV read, again with application specific authorization for the read.



* [tpm2] Re: How to store AES key inside the TPM and then use it?
@ 2022-02-03 17:28 Kenneth Goldman
  0 siblings, 0 replies; 12+ messages in thread
From: Kenneth Goldman @ 2022-02-03 17:28 UTC (permalink / raw)
  To: tpm2


Definitely use external storage.

TPM NV space is limited.  Create the sealed data, which will be encrypted with the parent key.  Load it when you need it, then unseal to get the plaintext key.

From: Gabriele Saturni <gabriele.saturni(a)wsense.it>
Sent: Thursday, February 3, 2022 3:07 AM
To: Steven Clark <davolfman(a)gmail.com>
Cc: Kenneth Goldman <kgoldman(a)us.ibm.com>; tpm2 <tpm2(a)lists.01.org>
Subject: [EXTERNAL] [tpm2] Re: How to store AES key inside the TPM and then use it?

Thanks for the answers. Based on your experience, since I have storage available outside the TPM, which of the two proposed approaches is the best (in terms of both security and efficiency)?

On Thu, 3 Feb 2022 at 04:27 Steven Clark <davolfman(a)gmail.com> wrote:
For small data it's also possible to store it sealed as a "keyedhash" and put it in one of the NVM "persistent object" locations as if it's a key.

On Wed, Feb 2, 2022, 1:06 PM Kenneth Goldman <kgoldman(a)us.ibm.com> wrote:
There are two ways.  Note that, since you're encrypting outside the TPM, the 'key' is just a byte stream to the TPM.

1.       If you have storage available, create the key as sealed data using 'create'.  Retrieve the key with 'unseal', with application specific authorization for the unseal operation.
2.       If you have no external storage available, create the key as an NV index using NVdefinespace. Retrieve the key using NV read, again with application specific authorization for the read.

From: Gabriele Saturni <gabriele.saturni(a)wsense.it>
Sent: Wednesday, February 2, 2022 12:31 PM
To: tpm2(a)lists.01.org
Subject: [EXTERNAL] [tpm2] How to store AES key inside the TPM and then use it?

Hi to everybody,
I'm pretty new to the TPM and looking for a way to store a premade AES key inside the TPM and retrieve it for encrypting the data of my application. Is there any way to do it, since a lot of TPMs do not support AES?

Thank you for your time


--
Gabriele Saturni, PhD
R&D Developer, WSense Srl
E-mail: gabriele.saturni(a)wsense.it
WSense Srl web site:  https://www.wsense.it/

This message is confidential. Any unauthorised disclosure,  use or dissemination, either whole or partial, is prohibited. If  you are not the intended recipient of the message, please notify the sender immediately.


* [tpm2] Re: How to store AES key inside the TPM and then use it?
@ 2022-02-03  8:07 Gabriele Saturni
  0 siblings, 0 replies; 12+ messages in thread
From: Gabriele Saturni @ 2022-02-03  8:07 UTC (permalink / raw)
  To: tpm2


Thanks for the answers. Based on your experience, since I have storage
available outside the TPM, which of the two proposed approaches is the best
(in terms of both security and efficiency)?

On Thu, 3 Feb 2022 at 04:27 Steven Clark <davolfman(a)gmail.com>
wrote:

> For small data it's also possible to store it sealed as a "keyedhash" and
> put it in one of the NVM "persistent object" locations as if it's a key.
>
> On Wed, Feb 2, 2022, 1:06 PM Kenneth Goldman <kgoldman(a)us.ibm.com> wrote:
>
>> There are two ways.  Note that, since you're encrypting outside the TPM,
>> the 'key' is just a byte stream to the TPM.
>>
>>
>>
>>    1. If you have storage available, create the key as sealed data using
>>    'create'.  Retrieve the key with 'unseal', with application specific
>>    authorization for the unseal operation.
>>    2. If you have no external storage available, create the key as an NV
>>    index using NVdefinespace. Retrieve the key using NV read, again with
>>    application specific authorization for the read.
>>
>>
>>
>> *From:* Gabriele Saturni <gabriele.saturni(a)wsense.it>
>> *Sent:* Wednesday, February 2, 2022 12:31 PM
>> *To:* tpm2(a)lists.01.org
>> *Subject:* [EXTERNAL] [tpm2] How to store AES key inside the TPM and
>> then use it?
>>
>>
>>
>>
>> Hi to everybody,
>>
>> I'm pretty new to the TPM and looking for a way to store a premade AES
>> key inside the TPM and retrieve it for encrypting the data of my
>> application. Is there any way to do it, since a lot of TPMs do not support
>> AES?
>>
>>
>>
>> Thank you for your time
>
>

-- 
Gabriele Saturni, PhD
R&D Developer, WSense Srl
E-mail: gabriele.saturni(a)wsense.it <giovanni.pagnotta(a)wsense.it>
WSense Srl web site:  https://www.wsense.it/


* [tpm2] Re: How to store AES key inside the TPM and then use it?
@ 2022-02-03  3:27 Steven Clark
  0 siblings, 0 replies; 12+ messages in thread
From: Steven Clark @ 2022-02-03  3:27 UTC (permalink / raw)
  To: tpm2


For small data it's also possible to store it sealed as a "keyedhash" and
put it in one of the NVM "persistent object" locations as if it's a key.

On Wed, Feb 2, 2022, 1:06 PM Kenneth Goldman <kgoldman(a)us.ibm.com> wrote:

> There are two ways.  Note that, since you're encrypting outside the TPM,
> the 'key' is just a byte stream to the TPM.
>
>
>
>    1. If you have storage available, create the key as sealed data using
>    'create'.  Retrieve the key with 'unseal', with application specific
>    authorization for the unseal operation.
>    2. If you have no external storage available, create the key as an NV
>    index using NVdefinespace. Retrieve the key using NV read, again with
>    application specific authorization for the read.
>
>
>
> *From:* Gabriele Saturni <gabriele.saturni(a)wsense.it>
> *Sent:* Wednesday, February 2, 2022 12:31 PM
> *To:* tpm2(a)lists.01.org
> *Subject:* [EXTERNAL] [tpm2] How to store AES key inside the TPM and then
> use it?
>
>
>
> Hi to everybody,
>
> I'm pretty new to the TPM and looking for a way to store a premade AES key
> inside the TPM and retrieve it for encrypting the data of my application.
> Is there any way to do it since a lot of TPM does not support AES ?
>
>
>
> Thank you for your time


* [tpm2] Re: How to store AES key inside the TPM and then use it?
@ 2022-02-02 21:05 Kenneth Goldman
  0 siblings, 0 replies; 12+ messages in thread
From: Kenneth Goldman @ 2022-02-02 21:05 UTC (permalink / raw)
  To: tpm2


There are two ways.  Note that, since you're encrypting outside the TPM, the 'key' is just a byte stream to the TPM.


  1.  If you have storage available, create the key as sealed data using 'create'.  Retrieve the key with 'unseal', with application specific authorization for the unseal operation.
  2.  If you have no external storage available, create the key as an NV index using NVdefinespace. Retrieve the key using NV read, again with application specific authorization for the read.

From: Gabriele Saturni <gabriele.saturni(a)wsense.it>
Sent: Wednesday, February 2, 2022 12:31 PM
To: tpm2(a)lists.01.org
Subject: [EXTERNAL] [tpm2] How to store AES key inside the TPM and then use it?

Hi to everybody,
I'm pretty new to the TPM and looking for a way to store a premade AES key inside the TPM and retrieve it for encrypting the data of my application. Is there any way to do it since a lot of TPM does not support AES ?

Thank you for your time

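As an added example (not code from the thread), Kenneth's first option carried out with tpm2-tools: the pre-made AES key is sealed under a primary key with a PCR policy and later unsealed, with the sealed-data size limit and the userwithauth caveat a practitioner would want. The file names, the PCR selection and the tpm2-tools 5.x command-line syntax are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): Kenneth Goldman's option 1 done with tpm2-tools.
# The AES key is sealed as a keyedhash object under a primary key; only the resulting
# public/private blobs (unusable without this TPM) need to be kept on disk.
# Assumed: tpm2-tools 5.x, a TPM reachable via the default TCTI, and the
# placeholder file names and PCR selection chosen below.
set -eu

PCRS="sha256:0,7"              # PCRs the unseal policy is bound to (constructed choice)
WORK="${WORK:-./tpm-seal}"     # where the blobs are kept; nothing secret lands here

# A sealed object holds at most MAX_SYM_DATA (128) bytes of sensitive data, so
# refuse anything larger or empty. Returns 0 when the file can be sealed.
check_seal_size() {
    size=$(wc -c < "$1" | tr -d ' ')
    [ "$size" -gt 0 ] && [ "$size" -le 128 ]
}

seal_key() {                   # $1: file holding the raw AES key
    check_seal_size "$1" || { echo "key must be 1..128 bytes" >&2; return 1; }
    mkdir -p "$WORK"
    tpm2_createprimary -Q -C o -c "$WORK/primary.ctx"
    tpm2_pcrread -Q -o "$WORK/pcr.bin" "$PCRS"
    tpm2_createpolicy -Q --policy-pcr -l "$PCRS" -f "$WORK/pcr.bin" -L "$WORK/pcr.policy"
    # Attributes deliberately omit userwithauth: with it set, the object's empty
    # password would also satisfy authorization and the PCR policy could be bypassed.
    tpm2_create -Q -C "$WORK/primary.ctx" -i "$1" -L "$WORK/pcr.policy" \
        -a "fixedtpm|fixedparent|noda" \
        -u "$WORK/seal.pub" -r "$WORK/seal.priv"
    rm -f "$WORK/primary.ctx" "$WORK/pcr.bin"   # only seal.pub/seal.priv must be kept
}

unseal_key() {                 # prints the key on stdout; fails if the PCRs changed
    # The primary is recreated from the owner hierarchy seed: same template, same key.
    tpm2_createprimary -Q -C o -c "$WORK/primary.ctx"
    tpm2_load -Q -C "$WORK/primary.ctx" -u "$WORK/seal.pub" -r "$WORK/seal.priv" \
        -c "$WORK/seal.ctx"
    tpm2_unseal -c "$WORK/seal.ctx" -p "pcr:$PCRS"
    tpm2_flushcontext -t                        # drop the transient handles again
    rm -f "$WORK/primary.ctx" "$WORK/seal.ctx"
}

case "${1:-}" in
    seal)   seal_key "$2" ;;
    unseal) unseal_key ;;
esac
```

Run as `sh seal.sh seal aes.key` once, and `sh seal.sh unseal` whenever the application needs the key; any change to the selected PCRs makes the unseal fail.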

* [tpm2] Re: How to store AES key inside the TPM and then use it?
@ 2022-02-02 18:07 Steven Clark
  0 siblings, 0 replies; 12+ messages in thread
From: Steven Clark @ 2022-02-02 18:07 UTC (permalink / raw)
  To: tpm2


As far as I know, no one produces a TPM with bulk symmetric encryption
features.  It would be both slow and likely to have export law problems.

On Wed, Feb 2, 2022, 9:32 AM Gabriele Saturni <gabriele.saturni(a)wsense.it>
wrote:

> Hi to everybody,
> I'm pretty new to the TPM and looking for a way to store a premade AES key
> inside the TPM and retrieve it for encrypting the data of my application.
> Is there any way to do it since a lot of TPM does not support AES ?
>
> Thank you for your time


Thread overview: 12+ messages
2022-02-04  9:29 [tpm2] Re: How to store AES key inside the TPM and then use it? Gabriele Saturni
2022-02-07 18:44 Roberts, William C
2022-02-07 18:40 Roberts, William C
2022-02-07  9:14 Gabriele Saturni
2022-02-05 17:04 Kenneth Goldman
2022-02-05  2:14 Steven Clark
2022-02-03 17:31 Kenneth Goldman
2022-02-03 17:28 Kenneth Goldman
2022-02-03  8:07 Gabriele Saturni
2022-02-03  3:27 Steven Clark
2022-02-02 21:05 Kenneth Goldman
2022-02-02 18:07 Steven Clark
