1 Scope
1.1 Key words
1.2 Statement Type
2 Normative references
3 Abbreviated Terms
4 Conformance
4.1 Introduction
4.2 Threat
4.3 Protection of functions
4.4 Protection of information
4.5 Side effects
4.6 Exceptions and clarifications
5 TPM Architecture
5.1 Interoperability
5.2 Components
5.2.1 Input and Output
5.2.2 Cryptographic Co-Processor
5.2.3 Key Generation
5.2.4 HMAC Engine
5.2.5 Random Number Generator
5.2.6 SHA-1 Engine
5.2.7 Power Detection
5.2.8 Opt-In
5.2.9 Execution Engine
5.2.10 Non-Volatile Memory
5.3 Data Integrity Register (DIR)
5.4 Platform Configuration Register (PCR)
6 Endorsement Key Creation
6.1 Controlling Access to PRIVEK
6.2 Controlling Access to PUBEK
7 Attestation Identity Keys
8 TPM Ownership
8.1 Platform Ownership and Root of Trust for Storage
9 Authentication and Authorization Data
9.1 Dictionary Attack Considerations
10 TPM Operation
10.1 TPM Initialization & Operation State Flow
10.1.1 Initialization
10.2 Self-Test Modes
10.2.1 Operational Self-Test
10.3 Startup
10.4 Operational Mode
10.4.1 Enabling a TPM
10.4.2 Activating a TPM
10.4.3 Taking TPM Ownership
10.4.4 Transitioning Between Operational States
10.5 Clearing the TPM
11 Physical Presence
12 Root of Trust for Reporting (RTR)
12.1 Platform Identity
12.2 RTR to Platform Binding
12.3 Platform Identity and Privacy Considerations
12.4 Attestation Identity Keys
12.4.1 AIK Creation
12.4.2 AIK Storage
13 Root of Trust for Storage (RTS)
13.1 Loading and Unloading Blobs
14 Transport Sessions and Authorization Protocols
14.1 Authorization Session Setup
14.2 Parameter Declarations for OIAP and OSAP Examples
14.2.1 Object-Independent Authorization Protocol (OIAP)
14.2.2 Object-Specific Authorization Protocol (OSAP)
14.3 Authorization Session Handles
14.4 Authorization-Data Insertion Protocol (ADIP)
14.5 AuthData Change Protocol (ADCP)
14.6 Asymmetric Authorization Change Protocol (AACP)
15 ISO/IEC 19790 Evaluations
15.1 TPM Profile for successful ISO/IEC 19790 evaluation
16 Maintenance
16.1 Field Upgrade
17 Proof of Locality
18 Monotonic Counter
19 Transport Protection
19.1 Transport encryption and authorization
19.1.1 MGF1 parameters
19.1.2 HMAC calculation
19.1.3 Transport log creation
19.1.4 Additional Encryption Mechanisms
19.2 Transport Error Handling
19.3 Exclusive Transport Sessions
19.4 Transport Audit Handling
19.4.1 Auditing of wrapped commands
20 Audit Commands
20.1 Audit Monotonic Counter
21 Design Section on Time Stamping
21.1 Tick Components
21.2 Basic Tick Stamp
21.3 Associating a TCV with UTC
21.4 Additional Comments and Questions
22 Context Management
23 Eviction
24 Session pool
25 Initialization Operations
26 HMAC digest rules
27 Generic authorization session termination rules
28 PCR Grand Unification Theory
28.1 Validate Key for use
29 Non Volatile Storage
29.1 NV storage design principles
29.1.1 NV Storage use models
29.2 Use of NV storage during manufacturing
30 Delegation Model
30.1 Table Requirements
30.2 How this works
30.3 Family Table
30.4 Delegate Table
30.5 Delegation Administration Control
30.5.1 Control in Phase 1
30.5.2 Control in Phase 2
30.5.3 Control in Phase 3
30.6 Family Verification
30.7 Use of commands for different states of TPM
30.8 Delegation Authorization Values
30.8.1 Using the authorization value
30.9 DSAP description
31 Physical Presence
31.1 Use of Physical Presence
32 TPM Internal Asymmetric Encryption
32.1.1 TPM_ES_RSAESOAEP_SHA1_MGF1
32.1.2 TPM_ES_RSAESPKCSV15
32.1.3 TPM_ES_SYM_CTR
32.1.4 TPM_ES_SYM_OFB
32.2 TPM Internal Digital Signatures
32.2.1 TPM_SS_RSASSAPKCS1v15_SHA1
32.2.2 TPM_SS_RSASSAPKCS1v15_DER
32.2.3 TPM_SS_RSASSAPKCS1v15_INFO
32.2.4 Use of Signature Schemes
33 Key Usage Table
34 Direct Anonymous Attestation
34.1 TPM_DAA_JOIN
34.2 TPM_DAA_Sign
34.3 DAA Command summary
34.3.1 TPM setup
34.3.2 JOIN
34.3.3 SIGN
35 General Purpose IO
36 Redirection
37 Structure Versioning
38 Certified Migration Key Type
38.1 Certified Migration Requirements
38.2 Key Creation
38.3 Migrate CMK to a MA
38.4 Migrate CMK to a MSA
39 Revoke Trust
40 Mandatory and Optional Functional Blocks
41 1.1a and 1.2 Differences
42 Bibliography