Technical Field
The present disclosure relates to the field of methods and devices for providing trusted platform module (TPM) services, without using a dedicated TPM device.
Description of the Related Art
In order to ensure the authenticity and security of hardware and software configurations, it has been proposed to use a trusted platform module (TPM). A TPM is a cryptographic device for enabling trusted computing. One key requirement of a trusted computing environment is to ensure the integrity of the boot sequence. To do this, the TPM forms a “root of trust”. In particular, from power-on of a computing device, the boot sequence starts from a trusted condition, and this trust is extended until the operating system has fully booted and applications are running. The integrity is ensured at each step by using one or more platform configuration registers (PCRs) of the TPM to securely store boot measurements. The contents of the PCRs can then be cryptographically signed by the TPM and provided to an application or remote party such that the integrity of the boot sequence can be verified.
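The measurement chain described above, as an added illustration that is not part of the disclosure: each boot stage is hashed and folded into a PCR with the usual extend operation (new = SHA-256(old || digest)), the PCR bank is then "quoted" together with a verifier-chosen nonce, and the remote party both checks the quote and replays the event log to confirm the PCR values. The boot stage contents, PCR assignments and key are constructed sample data, and an HMAC stands in for the TPM's asymmetric quote signature so the script runs with the standard library alone.

```python
import hashlib
import hmac

PCR_SIZE = 32          # SHA-256 PCR bank
NUM_PCRS = 8           # constructed: a small bank is enough for the example

# Constructed sample boot sequence (not from the disclosure):
# (PCR index, bytes of the component measured before it is executed)
BOOT_STAGES = [
    (0, b"bootloader v1.2 image bytes"),
    (0, b"bootloader configuration"),
    (1, b"kernel 5.15 image bytes"),
    (2, b"initramfs archive bytes"),
]


def extend(pcr_value: bytes, digest: bytes) -> bytes:
    """PCR extend: the register can only be folded forward, never set directly."""
    return hashlib.sha256(pcr_value + digest).digest()


def measure_boot(stages, num_pcrs: int = NUM_PCRS):
    """Simulate the firmware measuring each stage into its PCR.

    Returns the final PCR bank and the event log (PCR index, digest) that a
    verifier later replays. PCRs start at all-zero on power-on.
    """
    pcrs = [bytes(PCR_SIZE)] * num_pcrs
    log = []
    for index, component in stages:
        digest = hashlib.sha256(component).digest()
        pcrs[index] = extend(pcrs[index], digest)
        log.append((index, digest))
    return pcrs, log


def replay_log(log, num_pcrs: int = NUM_PCRS):
    """Verifier side: recompute the PCR bank from the event log alone."""
    pcrs = [bytes(PCR_SIZE)] * num_pcrs
    for index, digest in log:
        pcrs[index] = extend(pcrs[index], digest)
    return pcrs


def quote(pcrs, nonce: bytes, key: bytes):
    """Sign the PCR bank bound to the verifier's nonce.

    A real TPM signs with an attestation key; HMAC is a stand-in here so the
    example needs no asymmetric-crypto dependency (constructed simplification).
    """
    payload = nonce + b"".join(pcrs)
    signature = hmac.new(key, payload, hashlib.sha256).digest()
    return payload, signature


def verify_quote(payload: bytes, signature: bytes, nonce: bytes, key: bytes,
                 expected_pcrs) -> bool:
    """Remote party: check signature, freshness (nonce) and the PCR values."""
    expected_sig = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(signature, expected_sig):
        return False                       # forged or corrupted quote
    if payload[: len(nonce)] != nonce:
        return False                       # replay of an older quote
    reported = payload[len(nonce):]
    reported_pcrs = [reported[i:i + PCR_SIZE]
                     for i in range(0, len(reported), PCR_SIZE)]
    return reported_pcrs == list(expected_pcrs)


if __name__ == "__main__":
    key = b"constructed-attestation-key"
    pcrs, log = measure_boot(BOOT_STAGES)
    nonce = b"verifier-nonce-0001"
    payload, sig = quote(pcrs, nonce, key)
    print("quote verifies:", verify_quote(payload, sig, nonce, key, replay_log(log)))
    # A modified kernel changes PCR 1 and the quote no longer matches the known-good bank.
    tampered = [(i, b"modified kernel bytes" if i == 1 else c) for i, c in BOOT_STAGES]
    bad_pcrs, _ = measure_boot(tampered)
    print("tampered bank accepted:", verify_quote(payload, sig, nonce, key, bad_pcrs))
```

Two properties matter for the verifier: the PCR value depends on the order and content of every earlier extend into that register, so a single altered stage is visible in the final value, and the nonce inside the signed payload ties the quote to this attestation round so a stale quote from a previously good boot cannot be replayed.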
Trusted platform modules may be incorporated into a wide range of electronic computing devices, including smartphones, tablet computers and laptop computers. They are generally implemented as hardware devices coupled to the main processor of the electronic device.
However, due to limits on available chip area and power, for many applications such as smartphones or other portable devices, there is a need for a solution for providing TPM services without using a dedicated TPM device. There are, however, technical difficulties in providing such a system while providing high security and fast response times.