Brussels / 2 & 3 February 2019

schedule

The TPM2 software community

Getting started as a user, becoming a contributor


Security is and has been a hot topic in recent history. Software and hardware systems are increasingly complex, vulnerabilities increasingly publicised and attack methodologies increasingly sophisticated. This trend began long ago as did efforts to design and implement foundational technologies to curtail it. The trusted platform module (TPM) is one such technology. It was specifically designed to thwart attacks that aim to steal or misuse sensitive cryptographic keys. Despite its obvious benefits, TPM adoption on OSS platforms was historically minimal.

The next iteration of TPM implementations (TPM2) is quickly reaching critical mass in consumer computing platforms. Aiming to capitalize on the availability of TPM2 hardware, the tpm2-software organization on Github (https://github.com/tpm2-software) has coalesced as a community around the implementation of the TCG standard APIs, and their integration into common software tool and infrastructure. This talk will start with an overview of the tpm2-software community, it's history, it's current direction and how new users can get involved. The talk will then shift to discuss the technical details of the TPM2 software stack (TSS2) infrastructure and programming APIs and our current efforts to improve the security properties of OSS through their adoption. Finally, we'll conclude by presenting a use case driving the implementation of a new TPM2 Command Transmission Interface (TCTI) module enabling use of the TPM2 from with the SGX trusted execution environment.

Security is and has been a hot topic in recent history. Software and hardware systems are increasingly complex, vulnerabilities increasingly publicised and attack methodologies increasingly sophisticated. This trend began long ago as did efforts to design and implement foundational technologies to curtail it. The trusted platform module (TPM) is one such technology. It was specifically designed to thwart attacks that aim to steal or misuse sensitive cryptographic keys. Despite its obvious benefits, TPM adoption on OSS platforms was historically minimal.

The next iteration of TPM implementations (TPM2) is quickly reaching critical mass in consumer computing platforms. Aiming to capitalize on the availability of TPM2 hardware, the tpm2-software organization on Github (https://github.com/tpm2-software) has coalesced as a community around the implementation of the TCG standard APIs, and their integration into common software tool and infrastructure. This talk will start with an overview of the tpm2-software community, it's history, it's current direction and how new users can get involved. The talk will then shift to discuss the technical details of the TPM2 software stack (TSS2) infrastructure and programming APIs and our current efforts to improve the security properties of OSS through their adoption. Finally, we'll conclude by presenting a use case driving the implementation of a new TPM2 Command Transmission Interface (TCTI) module enabling use of the TPM2 from with the SGX trusted execution environment.

Speakers

Philip Tricca
Andreas Fuchs

Links