A Practical Guide to TPM 2.0

by Will Arthur, David C. Challener, and Kenneth A. Goldman
With the Fall 2013 cybersecurity report recommendation to the President of the United States that TPMs be universally adopted for computing devices and the increasing interest being generated by the TPM 2.0 standard, the world of TPMs is heating up. A Practical Guide to TPM 2.0: Using the Trusted Platform Module in the New Age of Security aims to educate developers, security architects, engineering management, and ordinary users about TPM 2.0. It describes security and TPM concepts using… 
Evaluation of Lightweight TPMs for Automotive Software Updates over the Air
This paper discusses the use cases and benefits of TPM usage in automotive ECUs, and shows and evaluates how the Automotive Thin Profile released by the Trusted Computing Group can be used to secure Software Over-The-Air updates.
Privacy Concerns of TPM 2.0
Solutions aimed at protecting end users from third-party privacy attacks have the paradoxical side effect of exposing those users to potential tracking by manufacturers and by law enforcement entities.
Runtime Firmware Product Lines Using TPM2.0
This paper proposes an approach for secure runtime firmware product lines based on a Trusted Platform Module (TPM) 2.0 acting as the security anchor, using several new TPM 2.0 functionalities.
Research on Application of Trusted Computing 3.0 in Industrial Control System of Nuclear Power Plant
  • Yunmin Wang, Gang Cui, Lin Zhang, Hui Li
  • Computer Science
    2020 12th International Conference on Communication Software and Networks (ICCSN)
  • 2020
Application scenarios of Trusted Computing 3.0 in the industrial control system of nuclear power enterprises are discussed, including the overall framework of the system, the construction of trusted nodes, the deployment of the system, and the creation of the whole security system.
A Security-Enhanced vTPM 2.0 for Cloud Computing
The vTPM 2.0 system and the security-enhanced protection mechanism are designed and implemented for the first time and the key distribution and protection mechanism is presented.
Remote Attestation based Software Integrity of IoT devices
A model for remotely attesting the integrity of the processes running on a device is presented, together with a survey of the TPM (Trusted Platform Module) features involved, to gain insight into how attestation works and to identify the features that can improve the process.
Hardware-Assisted Isolation Technologies: Security Architecture and Vulnerability Analysis
  • Fatima Khalid, A. Masood
  • Computer Science
    2020 International Conference on Cyber Warfare and Security (ICCWS)
  • 2020
This paper discusses the technology implementation of each type of hardware-assisted isolation technology, and covers the vulnerability analysis of each technology with respect to the latest discovered attacks, to enable a user to precisely appreciate the security capabilities of each technology.
Concept of Smart Building Cyber-physical Systems Including Tamper Resistant Endpoints
A theoretical concept for a secure CPS device update and verification mechanism is introduced and information on handling hardware-based security incorporating trusted platform modules (TPM) on those CPS devices is provided.
Personal Trusted Platform Module for the Multi-Core System of 5G Security and Privacy
An intelligent hardware and software platform is proposed for multi-core setting of policies for the automatic encryption of confidential data and selective blocking related to the implementation of computing security and confidentiality of data transfer, using such additional specially.
Cryptographic Keys Generating and Renewing System for IoT Network Nodes—A Concept
The KGR system is especially designed for clusters of the IoT nodes but can also be used by other systems and is based on the use of the hardware Trusted Platform Module v2.0 to support the procedures of creating trust structures, generating keys, protecting stored data, and securing data exchange between system nodes.


Front-matter acknowledgments from the book, recovered from the extracted text:

Intel is a trademark of Intel Corporation in the U.S. and/or other countries. The publisher gratefully acknowledges the permission granted by Intel to use the following materials in this work; all rights and interest in that material belong to Intel. The publisher grants that Intel can re-print and reuse these diagrams and source code, and these materials are being used in this book with Intel's permission. Diagram from the section AMD Secure Technology in Chapter 22: Copyright © 2015 by Advanced Micro Devices.

Code fragment from the book's TSS sample for reading an NV index back through an encrypt session, reassembled from the scattered lines in the order the calls must execute (the response nonce is rolled before the read data is decrypted); the fragment is partial as on the page, and the name of the decrypt helper was lost in extraction:

    // Roll the nonces for response
    RollNonces( &encryptDecryptSession, &nvRdWrRspAuths.rspAuths[1]->nonce );

    // Get the command results, in this case the read data.
    rval = Tss2_Sys_NV_Read_Complete( sysContext, &readData );

    // Decrypt read data.
    encryptedReadData.t.size = encryptParamSize;
    // call to the decrypt helper (its name and leading arguments were lost in extraction)
    ... (TPM2B_MAX_BUFFER *)&decryptedReadData,
        (TPM2B_MAX_BUFFER *)&encryptedReadData, &nvAuth );

    printf( "Decrypted read data = " );
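The fragment above shows the caller-side mechanics of TPM 2.0 parameter encryption: roll the session nonces with the nonceTPM from the response auth area, then strip the mask from the first response parameter using the session key and, because the session is not bound to the NV index, the index's authValue. The following is an added illustration written for this page; it is not the book's sample code and not part of tpm2-tss. It implements TPM_ALG_XOR parameter obfuscation end to end with only the Python standard library, following TPM 2.0 Library Part 1 (KDFa in 11.4.10.2, XOR parameter encryption in 21.2): the mask is KDFa(sessionValue, "XOR", nonceNewer, nonceOlder, bits) with sessionValue = sessionKey || authValue, and the same code runs on both sides because XOR is symmetric. The class and function names, the session key, authValue, nonces and NV payload are all constructed for the example.

```python
"""TPM 2.0 parameter encryption with TPM_ALG_XOR, caller and TPM sides.

Added example, not the book's TSS code. It models the RollNonces() /
response-decrypt step of the recovered fragment: the XOR mask comes from
KDFa over sessionValue = sessionKey || authValue (session unbound to the
NV index) and the two freshest nonces. All keys, nonces and payloads are
constructed; names such as XorSession and nv_write_then_read are hypothetical.
"""
import hashlib
import hmac
import struct


def kdfa(hash_name, key, label, context_u, context_v, bits):
    """TPM 2.0 KDFa (counter-mode HMAC):
    K(i) = HMAC(key, [i]32 || label || 0x00 || contextU || contextV || [bits]32)."""
    hlen = hashlib.new(hash_name).digest_size
    blocks = (bits + 8 * hlen - 1) // (8 * hlen)
    out = b"".join(
        hmac.new(key, struct.pack(">I", i) + label + b"\x00" + context_u
                 + context_v + struct.pack(">I", bits), hash_name).digest()
        for i in range(1, blocks + 1))
    out = out[:(bits + 7) // 8]
    if bits % 8:  # spec: mask off the unused high-order bits of byte 0
        out = bytes([out[0] & ((1 << (bits % 8)) - 1)]) + out[1:]
    return out


def _xor(data, mask):
    return bytes(a ^ b for a, b in zip(data, mask))


class XorSession:
    """One side's view of an HMAC session used for parameter encryption.
    Both sides keep identical state; XOR is symmetric, so the same method
    encrypts on the TPM side and decrypts on the caller side."""

    def __init__(self, hash_name, session_key, auth_value, nonce_caller, nonce_tpm):
        self.hash_name = hash_name
        self.session_value = session_key + auth_value  # Part 1, 21.1, unbound case
        self.nonce_caller = nonce_caller
        self.nonce_tpm = nonce_tpm

    def roll_nonce_caller(self, nonce):
        """Before each command the caller picks a fresh nonceCaller."""
        self.nonce_caller = nonce

    def roll_nonce_tpm(self, nonce):
        """Each response carries a fresh nonceTPM; mirrors RollNonces()."""
        self.nonce_tpm = nonce

    def _mask(self, nonce_newer, nonce_older, length):
        return kdfa(self.hash_name, self.session_value, b"XOR",
                    nonce_newer, nonce_older, length * 8)

    def xor_command_param(self, data):
        """Command direction: nonceNewer = nonceCaller, nonceOlder = nonceTPM."""
        return _xor(data, self._mask(self.nonce_caller, self.nonce_tpm, len(data)))

    def xor_response_param(self, data):
        """Response direction: nonceNewer = nonceTPM, nonceOlder = nonceCaller."""
        return _xor(data, self._mask(self.nonce_tpm, self.nonce_caller, len(data)))


def nv_write_then_read(payload):
    """Simulate TPM2_NV_Write with a decrypt session, then TPM2_NV_Read with
    an encrypt session. Returns (data as stored by the TPM, read data after
    rolling the response nonce, read data without rolling it)."""
    session_key = hashlib.sha256(b"constructed session key").digest()
    auth_value = b"constructed nv auth"
    nonce_caller0, nonce_tpm0 = bytes([0xA5]) * 32, bytes([0x11]) * 32
    caller = XorSession("sha256", session_key, auth_value, nonce_caller0, nonce_tpm0)
    tpm = XorSession("sha256", session_key, auth_value, nonce_caller0, nonce_tpm0)

    # NV_Write: caller rolls nonceCaller and encrypts the data parameter; the
    # TPM reads the new nonceCaller from the command auth area and decrypts.
    nonce_caller1 = bytes([0xB6]) * 32
    caller.roll_nonce_caller(nonce_caller1)
    tpm.roll_nonce_caller(nonce_caller1)
    stored = tpm.xor_command_param(caller.xor_command_param(payload))
    nonce_tpm1 = bytes([0x22]) * 32  # fresh nonceTPM in the write response
    caller.roll_nonce_tpm(nonce_tpm1)
    tpm.roll_nonce_tpm(nonce_tpm1)

    # NV_Read: the TPM picks nonceTPM2 for its response and masks only the
    # buffer of the TPM2B_MAX_BUFFER data parameter; the size field is clear.
    nonce_caller2 = bytes([0xC7]) * 32
    caller.roll_nonce_caller(nonce_caller2)
    tpm.roll_nonce_caller(nonce_caller2)
    nonce_tpm2 = bytes([0x33]) * 32
    tpm.roll_nonce_tpm(nonce_tpm2)
    response = struct.pack(">H", len(stored)) + tpm.xor_response_param(stored)
    size, = struct.unpack(">H", response[:2])
    enc_buf = response[2:2 + size]

    stale = caller.xor_response_param(enc_buf)  # forgot RollNonces(): wrong mask
    caller.roll_nonce_tpm(nonce_tpm2)           # RollNonces() with the response nonce
    good = caller.xor_response_param(enc_buf)
    return stored, good, stale
```

Two things the fragment takes for granted are visible here: the mask is bound to the freshest nonce pair, so decrypting before RollNonces() yields garbage rather than an error, and the 2-byte size of the TPM2B is sent in the clear while only its buffer is masked. Production stacks usually negotiate AES-128 CFB instead of XOR; the derivation is the same KDFa call with the label "CFB" and enough bits for key plus IV, which is omitted here only to keep the example dependency-free.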