On Thu, 12 Mar 2020 at 20:43, Stuart Yoder stuart.yoder@arm.com wrote:
https://buyzero.de/products/letstrust-hardware-tpm-trusted-platform-module?v...
Would we be able to use this as root of trust?
AFAIK, a TPM in itself can't act as a root of trust. It is rather a passive device which can provide you with trusted/secure services. In general, a root of trust is the first piece of *non-modifiable* code that runs on a platform, i.e. the BootROM, which establishes the chain of trust by verifying the first-stage boot-loader, which in turn continues the chain of trust to the next boot stages and so on.
You do need to take care with "root of trust" terminology.
A root of trust is something that is inherently trusted, and in which a compromise can't be detected. There are various terminology schemes proposed from GlobalPlatform, TCG, NIST-- e.g. roots of trust for: update, verification, measurement, storage, reporting, etc.
So a boot ROM is _a_ root of trust-- for example a root of trust for verification.
A TPM is a root of trust for storage (i.e. securely storing measurements) and for reporting (i.e. providing cryptographically signed attestation reports).
So, it depends what you mean.
I guess the context of discussion was pretty clear in this regard: "Secure boot for Raspberries", no?
BTW, in general I agree with you that one shouldn't confuse "root of trust for Secure boot" with "root of trust for storage or reporting".
-Sumit
Thanks, Stuart
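Added example, not part of the thread and not code from any of the posters: a small Python simulation of the two roles discussed above. The boot ROM acts as root of trust for verification (it pins the digest of the first stage and every stage checks the next one before running it), while a simulated TPM acts as root of trust for storage (each stage is folded one-way into PCR0 with the TPM2_PCR_Extend rule) and for reporting (a quote over PCR0 and a nonce). Everything here is constructed: the stage images, the "attestation key", and the hash-chained verification scheme, which is a simplification of real verified boot (real loaders normally embed a public key and check a signature rather than a plain digest). The HMAC used for the quote stands in for the TPM's asymmetric attestation-key signature, so the verifier in this toy shares the secret, which a real verifier would not.

```python
"""Simulated verified + measured boot with TPM-style PCR extension (constructed example)."""
import hashlib
import hmac
import secrets

PCR_INIT = bytes(32)   # TPM 2.0 SHA-256 PCRs are all zeros after reset
DIGEST_LEN = 32


def sha256(data):
    return hashlib.sha256(data).digest()


def pcr_extend(pcr, digest):
    """TPM2_PCR_Extend: PCR_new = SHA-256(PCR_old || digest). One-way: a PCR can be
    extended further but never rolled back, which is what lets the TPM act as a root
    of trust for *storage* of measurements."""
    return sha256(pcr + digest)


def build_chain(codes):
    """Build stage images back to front so each stage embeds the SHA-256 of the next
    one (hash-chained verified boot, a simplification of signature-based schemes).
    Returns (digest the ROM pins for stage 0, list of images)."""
    images, next_digest = [], b""
    for code in reversed(codes):
        image = code + next_digest
        images.insert(0, image)
        next_digest = sha256(image)
    return next_digest, images


def boot(images, pinned_digest=None):
    """Boot ROM logic. With pinned_digest set, the ROM is the root of trust for
    *verification*: each stage is checked against the digest its predecessor carries
    and boot halts on mismatch. With pinned_digest=None (a board without secure boot)
    nothing is verified, but every stage is still measured into PCR0 before it runs.
    Returns (pcr0, event_log)."""
    pcr, event_log, expected = PCR_INIT, [], pinned_digest
    for i, image in enumerate(images):
        digest = sha256(image)
        if expected is not None and digest != expected:
            raise RuntimeError("stage %d: verification failed, refusing to run" % i)
        pcr = pcr_extend(pcr, digest)          # measure, then "execute"
        event_log.append(digest)
        if expected is not None:               # digest of the next stage, carried by this one
            expected = image[-DIGEST_LEN:] if i + 1 < len(images) else None
    return pcr, event_log


def tpm_quote(pcr, nonce, ak_secret):
    """Root of trust for *reporting*: the TPM signs (PCR0 || nonce). HMAC stands in
    for the attestation key's signature in this simulation."""
    return hmac.new(ak_secret, pcr + nonce, hashlib.sha256).digest()


def verifier_check(golden_codes, event_log, pcr, nonce, quote_sig, ak_secret):
    """Remote verifier: (1) quote is authentic and fresh, (2) replaying the event log
    reproduces the reported PCR, (3) every logged digest matches the golden chain."""
    if not hmac.compare_digest(tpm_quote(pcr, nonce, ak_secret), quote_sig):
        return False, "quote signature invalid or nonce mismatch"
    replayed = PCR_INIT
    for d in event_log:
        replayed = pcr_extend(replayed, d)
    if replayed != pcr:
        return False, "event log does not replay to the reported PCR"
    golden = [sha256(img) for img in build_chain(golden_codes)[1]]
    for i, (seen, want) in enumerate(zip(event_log, golden)):
        if seen != want:
            return False, "measurement mismatch at stage %d" % i
    if len(event_log) != len(golden):
        return False, "unexpected number of measured stages"
    return True, "PCR0 matches golden chain"


def demo():
    """Three scenarios; returns a dict of outcomes so the results can be checked."""
    golden_codes = [b"stage1: second-stage loader", b"stage2: u-boot", b"stage3: kernel"]
    pinned, images = build_chain(golden_codes)
    ak = b"constructed attestation-key secret"
    tampered = images[:2] + [b"stage3: backdoored kernel"]   # constructed bad image

    # 1. Verified + measured boot of the good chain, then remote attestation.
    pcr_good, log_good = boot(images, pinned)
    nonce = secrets.token_bytes(16)
    good = verifier_check(golden_codes, log_good, pcr_good, nonce,
                          tpm_quote(pcr_good, nonce, ak), ak)

    # 2. No verified boot: the tampered kernel runs, but the TPM still records it.
    pcr_bad, log_bad = boot(tampered, None)
    bad = verifier_check(golden_codes, log_bad, pcr_bad, nonce,
                         tpm_quote(pcr_bad, nonce, ak), ak)

    # 3. Verified boot: the ROM-anchored chain refuses to run the tampered kernel.
    try:
        boot(tampered, pinned)
        halted = False
    except RuntimeError:
        halted = True

    return {"good_attests": good[0], "tampered_attests": bad[0],
            "tampered_reason": bad[1], "tampered_halted_with_verified_boot": halted,
            "pcr_differs": pcr_good != pcr_bad}


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, "=", v)
```

Scenario 2 is the one that matters for the "root of trust" distinction in the thread: without a ROM-anchored verification chain the backdoored kernel boots, but because the measurement was extended into PCR0 before execution and cannot be rolled back, the quote still exposes it to a verifier. Scenario 3 shows the complementary property of a root of trust for verification: the bad stage never runs at all.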