|
|
|
|
|
|
by cryptonector
1296 days ago
|
|
|
I should add that the main reason for this distinction between derivation and storage parents is that for keys generated on the TPM where you find them you just don't have to wrap those keys when you generate them as derived from [ultimately the hierarchy's seed] and a template, but that option is not available when importing keys generated elsewhere. The latter is called 'key duplication'. An entity can create a TPM2_Duplicate() [0] output payload encrypted to a TPM's key that the TPM can then TPM2_Import() then TPM2_Load(), and then that key at that target TPM cannot have a derivation parent since it isn't derived from any key on that TPM, therefore the only way to keep it around is to wrap it in some other key on that TPM, and that's where the storage keys come in. [0] In software, or on another TPM where the
key being duplicated is not fixedTPM and
fixedParent. Yes, one can generate keys
on a TPM that can be extracted or sent to
specific other TPMs, or not at all, at
the user's choice. Which means that one
can set up a ring of TPMs to hold a given
key, for example. I.e., TPMs can
function as HSMs.
|
|
|