Menu
▾
▴
Re: [Trustedjava-support] Encrypting the private part of an RSA key
|
From: Jonathan M. <jon...@cm...> - 2012-01-13 16:25:26
|
You might also look at IBM's software implementation to see how they implemented the internals of the TPM in this regard: http://ibmswtpm.sourceforge.net/ -Jon On Fri, Jan 13, 2012 at 10:14 AM, <Fed...@ff...> wrote: > Hi again, > > Maybe I found the answer myself, so I will report it just in case anyone > else ever wondered or someone who already knows can correct me if I am > wrong. > > After going through the source code of the jTSS I realized that the wrapping > of a key is done inside the TPM, os I went to look at the TPM specs, in > particular the data structure part, and there it says the an asymmetric key > is stored so that the private part cannot be bigger than 151 bytes > (TPM_STORE_PRIVKEY). > > This is possible because it is not the private exponent that is stored as > private key (which is usually nearly as big as the modulus itself), but one > of the two prime factor of the modulus, and 151 bytes CAN be encrypted by a > 2048 RSA public key in one block. > > > > Federico > > > > Fra: Fed...@ff... [mailto:Fed...@ff...] > Sendt: 12. januar 2012 09:18 > Til: sha...@ya... > Kopi: tru...@li... > > > Emne: Re: [Trustedjava-support] Encrypting the private part of an RSA key > > > > Hi, > > Thanks for your pointer, but I had already read the book, and that is what > confused me. > > In chapter 2 “Secure Storage – Storing asymmetric keys” it says that > asymmetric keys are encrypted under a 2048 RSA key and the format used is > the PKSC#1 v2.0. My question was about how this was done in practice since a > public 2048 RSA key can encrypt less than 256 bytes and a RSA private key is > usually at least as big as the modulus, i.e. 256 bytes. I read also the > PKSC#1 v2.0 (not line by line, but I had a close look), and I could not > find any specific guidelines for encrypting private keys, only to format and > encode them. > > In other words, if at some point the TPM produces an AIK, and this must be > stored outside the TPM protected by the SRK key, how is this done in > practice? > > Or is the AIK key encrypted with a symmetric key in turn encrypted with the > SRK public key? > > Also a pointer to the source code where this is implemented would be fine, > if possible. > > > > Thanks again, and sorry if the question is trivial, but I am clearly missing > some probably stupid detail here, and I cannot seem to figure out what it > is. > > > > Federico > > > > Fra: Shakir Ullah shah [mailto:sha...@ya...] > Sendt: 12. januar 2012 05:59 > Til: Mancini, Federico > Emne: Re: [Trustedjava-support] Encrypting the private part of an RSA key > > > > Hi > > > > You can find answer to your question by reading chapter 2 of > IBM.Press.A.Practical.Guide.to.Trusted.Computing.Jan.2008 book. > > > > Regards > > Shakir > > > > From: "Fed...@ff..." <Fed...@ff...> > To: tru...@li... > Sent: Wednesday, January 11, 2012 8:15 PM > Subject: [Trustedjava-support] Encrypting the private part of an RSA key > > > > Hi, > > I am new here and I have only recently started reading up on trusted > computing and TPM for a project I am part of. > > I think I got all the basics, but now that I am entering more technical > details, I find all my books and sources are not enough any more. > > That is why I have starting looking at your implementation of the TSS (which > I plan to use soon to implement some ideas) and why I am posting here, > since whoever implemented something like this, must have a very good and > practical knowledge of the specifications J > > The question I have is about how asymmetric keys are stored securely outside > the TPM. > > As far as I understand, AIK or Storage keys are asymmetric pairs of keys and > are stored outside the TPM in a secure way protected by their parent key. > > I guess this means that the private part of these keys must be encrypted, > and in particular it should be encrypted with the SRK or > > other parent storage keys, which are also asymmetric. So how is this done? > By encrypting the private part of a key with the public part of its parent > key (possibly the SRK itself)? > > If so, isn’t a private key too big to fit in one RSA encrypted block? Does > it have to be split in smaller blocks first? If so how (is there a standard) > ? > > Reading your Javadoc I found at least two methods that return an encrypted > private key (TspCreateWrapKey_Internal), so I hope you can help me out with > this. > > > > This question is bugging me since in the book “A practical guide to trusted > computing” there is a whole section dedicated to how big a symmetric key can > be to be encrypted by a binding (asymmetric) key, > > but there does not seem to be a problem to encrypt potentially big private > keys instead. > > > > Thanks for any answer! > > > > Federico Mancini > > > > > ------------------------------------------------------------------------------ > Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex > infrastructure or vast IT resources to deliver seamless, secure access to > virtual desktops. With this all-in-one solution, easily deploy virtual > desktops for less than the cost of PCs and save 60% on VDI infrastructure > costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox > _______________________________________________ > Trustedjava-support mailing list > Tru...@li... > https://lists.sourceforge.net/lists/listinfo/trustedjava-support > > > ------------------------------------------------------------------------------ > RSA(R) Conference 2012 > Mar 27 - Feb 2 > Save $400 by Jan. 27 > Register now! > http://p.sf.net/sfu/rsa-sfdev2dev2 > _______________________________________________ > Trustedjava-support mailing list > Tru...@li... > https://lists.sourceforge.net/lists/listinfo/trustedjava-support > |
