Explore how Google leverages Trusted Platform Modules (TPMs) to cryptographically verify devices at scale in this 40-minute conference talk by Matthew Garrett and Tom D'Netto. Delve into the challenges of maintaining device security once it leaves IT control and learn about TPMs' unique cryptographic identities. Discover how firmware and bootloaders utilize TPMs to generate verifiable logs of the entire boot process. Gain insights into Google's methods for building trust in a geographically diverse fleet of machines, establishing strong hardware-backed identities, and using remote attestation to prove sanctioned boot chains. Learn about newly-released cross-platform open-source libraries that enable others to build similar infrastructure. The talk covers topics such as the trust problem, TPM functionality, endorsement keys, association keys, and concludes with a Q&A session.
Using TPMs to Cryptographically Verify Devices at Scale
Overview
Syllabus
Introduction
Agenda
Trust Problem
What is a TPM
Purpose of a TPM
TPM functionality
TPM endorsement keys
Association keys
Overview
Open Source
Go
Questions
Taught by
Linux Foundation
Tags
Related Courses
-
TPM Based Attestation - How Can We Use It for Good?
-
What Does It Mean to Trust Your Boot Process
-
Trusting Your Raspberry Pi - An Introduction to the TPM and IoT
-
Keylime: Securing Your Slice of the Cloud
-
Keylime - An Open Source TPM Project for Remote Trust
-
Keylime - An Open Source TPM Project for Remote Trust of IoT
