The infamous ST micro TPM also has a "7816" feature. Various subtle signals
suggested the SINOSUN design team was influenced by the ST architecture: or,
there was OEMming involved.
It's just not clear in either high-level spec (from SINOSUN or ST)
whether the 7816 is for connecting TO smartcards, or is an alternative to
the LPC bus interface.
For the bio _reader_ market, where the TPM plays the role of the traditional
Gemplus reader controller, it would make sense for the reader-TPM to have
(a) a USB SIE
(b) support for some TPM-specific USB class of endpoint support
(c) GPIO/SPI for interfacing to the finger sensor
(d) OUTBAND 7816 to interface, classically to a 7816 device in module form.
Whether the 7816 channel could be used to interface (on a stacked die,
perhaps) to a 7816 co-processor PERFORMING part of the TPM function is
presumably a matter for the TPM firmware, on the 8-bit controller.
We could see this category of reader chip as either:
(a) the TPM chip performs the role of a traditional reader + SAM(s)
(b) the TPM chip interfaces to another TPM on the _inserted_ card of a user,
over 7816, in some way, supporting a partitioned, Network-TCB architecture
(c) (a) and (b) merge somehow, when core TPM functions "recognize" SAM
modules.
I asked the govt sales rep from Wave Systems about this notion: shall a TPM
talk unto a smartcard? I got a cagey answer; but he did admit that "work was
ongoing". I asked the question: can motherboard TPM ever support
authenticating a user id token, bound to the OS via CCID? I didn't ask about
the SAM concept, tho, for PC readers or phones/PDAs.
I know one software company that is doing javacard + GPIO work, for a major
chip manufacturer. In fact, they specifically mentioned the device was
"firmware + GPIO", PLUS javacard capability, rather than javacard shall
drive the GPIO directly. That could reflect a "TPM + Javacard SAM" multiple
die controller, if you think about it.
Interesting. I'll go digging some more, with a local expert in TPM + bio
goings on.
From: Axel Heider <[EMAIL PROTECTED]>
Reply-To: MUSCLE <[email protected]>
To: MUSCLE <[email protected]>
Subject: Re: [Muscle] 7816 TPMs from China?
Date: Thu, 29 Sep 2005 14:50:29 +0200
Peter,
> Now, for the internal China market, we have (from a local
> China designer/manufacturer)
>
> https://www.trustedcomputinggroup.org/ShowcaseApp/sh_catalog_files/4b16e66a5d4ad26ea97bc62d52efc792095d0211/SSX35%20Product%20Description%20-%20Summary%20Mar.05.pdf
> So, do we now have a 7816 interface to TPMs?
> Presumably, there is a set of APDUs too? are they standardized in any
> forum?
That sounds really interesting. I've looked at their website
http://www.sinosun.com.cn , but it does not contain much more
information. Anyway, "serial interface in conformance to
ISO 7816 Standard" sounds a little bit strange to me without
giving further details. Does not say anything about APDUs - maybe
they refer only to electrical characteristics. This could mean,
that a modified smartcard reader firmware (which allows sending
not only APDUs, but also TPM commands according to the published
TCG specs) could be used to access the chip.
So far, I'm not aware of any APDU standards from TCG. On the other
side, putting TPM commands in ISO7816 APDUs could work. The question
remains, if (or in which scenario) a smartcard-TPM would really make
sense, because it is no longer fixed to a specific platform. In this
case, I can see no real advantage compared to existing smartcards.
If you get further information about this SSX35 chip, it would be nice
if you post them here or notify me.
--
Kind regards, Axel Heider
Civilization is just a temporary failure of entropy.
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle