Using TPM Secure Storage in Trusted High Availability Systems

Martin Hell, Linus Karlsson, Ben Smeets, Jelena Mirosavljevic

Research output: Chapter in Book/Report/Conference proceedingPaper in conference proceedingpeer-review

383 Downloads (Pure)


We consider the problem of providing trusted computing
functionality in high availability systems. We consider the case where
data is required to be encrypted with a TPM protected key. For redundancy,
and to facilitate high availability, the same TPM key is stored in
multiple computational units, each one ready to take over if the main
unit breaks down. This requires the TPM key to be migratable. We show
how such systems can be realized using the secure storage of the TPM.
Hundreds of millions TPM 1.2 chips have been shipped but with the recent
introduction of TPM 2.0, more manufacturers are expected to start
shipping this newer TPM. Thus, a migration from TPM 1.2 to TPM 2.0
will likely be seen in the next few years. To address this issue, we also
provide an API that allows a smooth upgrade from TPM 1.2 to TPM
2.0 without having to redesign the communication protocol involving the
dierent entities. The API has been implemented for both TPM 1.2 and
TPM 2.0.
Original languageEnglish
Title of host publicationTrusted Systems/Lecture Notes in Computer Science
EditorsMoti Yung, Liehuang Zhu, Yanjiang Yang
ISBN (Electronic)978-3-319-27998-5
ISBN (Print)978-3-319-27997-8
Publication statusPublished - 2014
EventINTRUST 2014 - Beijing, China
Duration: 2014 Dec 162014 Dec 17

Publication series

NameLecture Notes in Computer Science
ISSN (Print)0302-9743


ConferenceINTRUST 2014

Subject classification (UKÄ)

  • Electrical Engineering, Electronic Engineering, Information Engineering

Free keywords

  • Trusted Computing
  • TPM
  • Migration
  • Certiable Migration Key
  • Secure Storage


Dive into the research topics of 'Using TPM Secure Storage in Trusted High Availability Systems'. Together they form a unique fingerprint.

Cite this