by derekerdmann
4242 days ago

That is not what the linked patent describes. In that patent, the base key in the hierarchy (the one created by the administrator, NOT the storage root of trust or SRK) is created outside the TPM and stored elsewhere, then imported and used. If the TPM is cleared or reset, then loading the key will fail and the base key will need to be imported again. Creating key hierarchies under the SRK that can be duplicated or moved is actually very clearly specified in the TPM 2.0 spec, and is at least partially meant for exactly this sort of recovery process. The seed that's used to derive the SRK itself will still never leave the TPM, so any keys that are in a separate hierarchy under the SRK (instead of the imported base key) are still secure.

https://www.trustedcomputinggroup.org/resources/tpm_20_libra...

Whether this becomes escrow for law enforcement depends on where/how it is escrowed. The example with BitLocker and Device Encryption is one such way to do that.