by Ari Singer, CTO (interviewed by Ives Brant)
What determines whether you should build a security architecture around TPMs in 2023? To answer that, we began by interviewing Ari Singer, who is CTO here at TrustiPhi and a long-time security architect with two decades in trusted computing.
Ari has chaired both the Trusted Computing Group’s Trusted Platform Module (TPM) work group and the TPM Software Stack (TSS) working group and was a key contributor to the TPM 1.2 and 2.0 specifications. He has led teams that developed multiple TSS and TPM firmware implementations and TPM-enabled applications. Ari was also chair of the IEEE P1363 working group, which defined the leading standard for public key cryptography.
TrustiPhi regularly engages with organizations that are grappling with whether their hardware-level security should incorporate a TPM. In some cases, the answer is yes. In others, newer technologies make more sense.
Q: What is a practical use of TPMs in the Internet of Things?
Ari: System designers can use TPMs to make it extremely difficult for a bad actor to swap out a system component without it being caught. For example, in automotive electronic control units (ECU), the ECU designer can build in dependencies on the TPM.
Q: Do TPMs provide Secure Boot capability to a system?
Ari: That’s another widespread misconception. The fact is, a TPM doesn’t help much to carry out Secure Boot. One reason is the sequence of events; secure boot happens before the TPM can come into play. When a system powers on, early boot code (such as a UEFI BIOS) must decide what software will run next and what measurements will be sent to the TPM. Only after those secure boot decisions are made, can the TPM be used. The currently-running software can use the TPM to authenticate or decrypt the next piece of software
Q: So TPMs have no role to play in secure boot at all?
Ari: Yes, and no. The TPM has no impact on a secure boot, but the TPM can support a well-designed boot process (including “measured boot”).
Q: If a company is determined to work with TPMs as its hardware security, who does it bring on board – where does it find the expertise?
Ari: That’s a good question, because few people really know how to work with TPMs. There’s a real shortage of TPM skills. One effect of this shortage is that TPMs are not being fully leveraged for security gains.
Q: You’re saying that most TPMs are not being tapped to their full potential?
Ari: That’s definitely the case. Most devices with TPMs use them minimally.
Q: Will that limit the use of TPMs for the Internet of Things?
Ari: Initially, it certainly has. However, with the newer, more flexible TPM 2.0, designers and developers may be able to more easily select granular TPM functions for embedded applications, from automotive ECUs to industrial sensors and smart home devices.
Reference Example: https://trustedcomputinggroup.org/resource/tcg-tpm-2-0-library-profile-for-automotive-thin/
Q: You mentioned a shortage of TPM expertise – are they very difficult to use?
Ari: Exceedingly difficult. TPM were not designed to be user-friendly, and it’s not.In fact, TPMs are so complicated that not many companies have built solutions to leverage them, despite there actually being a lot of support for TPMs – HP, IBM, Dell, Intel, Microsoft and others, over the years, built a whole ecosystem to make implementation of TPMs for PCs feasible.
Q: What cost factors come with TPMs?
Ari: TPMs are a relatively expensive addition to a system’s bill of materials. In most cases, TPMs are hardware – but they require a lot more than hardware to be implemented. To figure the cost, add in software, adapting the physical design of the device, changes to the system architecture, and modifications to integrate with the broader infrastructure. It’s simplistic to make any rough estimate, but adding a TPM could easily increase the cost of a device by fifty cents or more.
Q: Is that a high price for hardware-level security?
Ari: For many embedded applications, selling at a lower price point, fifty cents could be unacceptable. For devices already being re-architected or that have high security requirements, like those used to operate and secure industrial sites or critical infrastructure, the incremental cost is more likely to be justifiable.
Q: When should TPMs not be considered for use?
Ari: If the requirement is just to protect symmetric or asymmetric keys, then simpler hardware or software-based designs can probably meet that requirement as well as a TPM.
Q: What if what’s needed is merely a secure repository for encryption keys?
Ari: Then TPM is probably overkill and overspend.
Q: Besides being used in new products, can you retrofit existing systems with a TPM?
Ari: Certainly not with a hardware-based TPM. The TPM has to be architected into the overall system from the beginning. There’s no way to plug TPMs into the design after a device has been physically manufactured. The TPM requires real estate on the circuit board, and to perform properly it has to be carefully integrated into the boot process and security functions of the platform.
Q: And if the TPM is not hardware?
Ari: Firmware or software-based TPMs are typically not as secure as a hardware-based TPM, but they do offer an option that, yes, could be integrated into an existing design.
Q: What are the takeaways for security architects designing new products?
Ari: Adding TPM to the requirements list for a new system does not magically solve the security problems. There is extensive integration and implementation work involved, and that takes time and money.
Q: Is TPM the best solution for IoT devices?
Ari: There’s no absolute yes or no answer, but for simpler, smaller devices which describes much of the IoT, there are alternatives like SoCs, devices with a Trusted Execution Environment (TEE), and Micron Authenta, which is a hardware security element in an otherwise standard flash memory chip. Each solution has its tradeoffs for loT applications.