Author: Mike Hearn 2013-07-30 12:12:51
Published on: 2013-07-30T12:12:51+00:00
The Trusted Platform Module (TPM) is a piece of secure hardware used to store keys and small pieces of data in a way that makes them hard to extract even with physical access. It is not a crypto accelerator, but it provides various cryptographic services to the host system. The TPM underpins trusted computing, which enables remote attestation, software sealing and other functions. However, due to political issues, it exists in a quasi-finished, semi-broken state that only experts can use.

As part of its role, the TPM provides permanent storage in the form of Non-Volatile Random Access Memory (NVRAM). Although this NVRAM tolerates only a limited number of write cycles, Pond uses it to hold the keys that encrypt its local data. To destroy that data on disk, the key in the TPM's NVRAM area is erased. This matters because modern storage is usually an SSD, or a magnetic disk with a log-structured on-disk layout. The firmware of such devices remaps writes from logical addresses to different physical addresses to spread wear and extend the drive's useful life, so overwriting a file's logical blocks need not touch the physical cells that still hold the old contents. Using TPM NVRAM solves this problem, but at a high usability cost. Pond takes forward security seriously and uses the NVRAM in a TPM chip to reliably destroy keys for data that an SSD would otherwise have made un-erasable.
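The following is an added example, not Pond's code and not a real TPM API, written in Go (the language Pond itself uses). It models the two halves of the argument: a disk whose firmware remaps every write to a fresh physical block, so an "overwritten" ciphertext is still recoverable from the flash, and a hypothetical `KeyStore` standing in for a TPM NVRAM index, whose in-place erase makes all those lingering copies useless. The AES-GCM wrapper, `Seal`, and `RecoverFromRemnants` are also assumptions of the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
)

// RemappingDisk models SSD or log-structured firmware: every write lands on a
// fresh physical block, so "overwritten" data lingers until the flash is erased.
type RemappingDisk struct{ Physical [][]byte }
func (d *RemappingDisk) Write(b []byte) { d.Physical = append(d.Physical, append([]byte(nil), b...)) }

// KeyStore is a hypothetical stand-in for a TPM NVRAM index: a small area the
// host can read and erase in place, with no remapping firmware behind it.
type KeyStore struct{ Key []byte }
// Erase drops the key; every ciphertext copy still on the flash is now useless.
func (s *KeyStore) Erase() { s.Key = nil }

// NewAEAD wraps a key as AES-GCM; it fails once the key is erased (length 0).
func NewAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts plaintext and prepends the random nonce.
func Seal(aead cipher.AEAD, plaintext []byte) []byte {
	nonce := make([]byte, aead.NonceSize())
	rand.Read(nonce)
	return aead.Seal(nonce, nonce, plaintext, nil)
}

// RecoverFromRemnants is the forensic view: try the stored key on every physical copy.
func RecoverFromRemnants(d *RemappingDisk, s *KeyStore) []byte {
	aead, err := NewAEAD(s.Key)
	if err != nil {
		return nil
	}
	for _, blk := range d.Physical {
		if n := aead.NonceSize(); len(blk) >= n {
			if pt, err := aead.Open(nil, blk[:n], blk[n:], nil); err == nil {
				return pt
			}
		}
	}
	return nil
}
```

Writing zeros over the file leaves the original ciphertext block in `Physical`, and it decrypts fine until the key is erased; after `Erase` no copy on the disk is recoverable, which is the property Pond relies on.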
Updated on: 2023-06-07T14:47:00.130899+00:00