Type-Based Analysis of Protected Storage in the TPM
The Trusted Platform Module (TPM) is designed to enable trustworthy computation and communication over open networks. The TPM provides a way to store cryptographic keys and other sensitive values in its shielded memory and act as Root of Trust for Storage (RTS). The TPM interacts with applications via a pre-defined set of commands (an API). In this paper, the authors give an abstraction model for the TPM 2.0 specification concentrating on protected storage part. With identification and formalization of their secrecy properties, they devise a type system with asymmetric cryptographic primitives to statically enforce and prove their security.