You are asking all the right questions that people are working on in TCG and everywhere
I'd even add the question about CRTMs for Embedded (ARM) Systems to the mix.
What I can point you to is:
Maybe you will find some of those answers there.
Otherwise, embedded platforms differ so hugely, that some custom aspects always need to be
Thus in the end, it's a matter of profiles and some example cases that you will need to
choose from. The problem with this is, however, that it's a bunch of eggs with no hens...
I.e. IMHO, I think we may need more real-world deployments that are custom built before
being able to further cluster, classify and standardize on deployment and other processes
in the embedded realm. So anything you may want to share about your project could help in
I hope I could confuse you enough... ;-)
From: tpm2 [tpm2-bounces(a)lists.01.org] on behalf of Sven Schwermer
Sent: Tuesday, March 13, 2018 13:52
Subject: [tpm2] TPM 2.0 in embedded systems
I am looking into using a TPM 2.0 in an embedded Linux system. I am facing a few
challenges that I couldn’t really find answers to. Some of the open questions are:
- What are the best practices for what hierarchies to use? Since there is no “end user”,
but only a platform manufacturer, all hierarchies seem similarly suited.
- How does authorisation work on an embedded system? All pre-shared secrets (plain text
passwords/HMAC) would need to be baked into the firmware, so there is no real security
benefit. Are we stuck with the complex but powerful policy-based authorisation (likely PCR
- How to provision the device? What needs to be done at the factory, what is done on
- Best practices for common problems, e.g. how to securely authenticate against a server.
Are there resources out there that answer the above mentioned types of questions?