> For all I know the TPM chip uses Dual_EC whatever, which is treated
> by the industry as being backdoored. Sure, maybe the specs say that it
> isn't doing that, but how would I check? I don't even have access to
> P and Q. It's easier to verify a software RNG.
>
> So by (carefully) generating the keys in software I can trust the
> quality of the keypair, but without this 'second bit' I compromise
> security by allowing the key to be exported. When this 'second bit'
> is set Key_WrapKey (or rather, its underlying TPM operation) would be
> allowed, but the key migration commands would not.
You could use Tspi_TPM_StirRandom() before every key generation to work around the Dual_EC vulnerability.

_______________________________________________
TrouSerS-users mailing list
https://lists.sourceforge.net/lists/listinfo/trousers-users
