Tag Archives: FIPS 140-2

TPM: The heavy artillery of cryptography

Data security is becoming a virtual battleground — evident by the number of major data breaches that have broken out at retailers such as Target, Staples, Dairy Queen, Home Depot and EBay, at major banks such as JP Morgan, and at many other institutions worldwide. The recent spate of security viruses such as Heartbleed, Shellshock, Poodle, and BadUSB (and who knows what’s next) have been creating serious angst and concern. And, rightfully so. The question is what exactly should you bring to the cyber battleground to protect your assets? This question matters because everyone who is using software to store cryptographic keys is vulnerable to losing sensitive personal data, and today that is just about everybody. So, choose your weapons carefully.


Fortunately, there are weapons now available that are very powerful while still being cost-effective. The strongest data protection available comes from hardware key storage, which beats software key storage every time. Keys are what make cryptography possible, and keeping secret keys secret is the secret to cryptography. Atmel’s portfolio contains a range of innovative and robust hardware-based security products, with the heavy artillery being the Trusted Platform Module (TPM).


The TPM is a cryptographic device with heavy cryptographic firepower, such as Platform Configuration Registers, protected user configurable non-volatile storage, an enforced key hierarchy, and the ability to both seal and bind data to a TPM. It doesn’t stop there. Atmel’s TPM has a variety of Federal Information Processing Standards (FIPS) 140-2 certified cryptographic algorithms (such as RSA, SHA1, AES, RNG, and HMAC) and various sophisticated physical security counter-measures. The TPM can be used right out-of-the-box with standards-based commands defined by the Trusted Computing Group, along with a set of Atmel-specific commands, which are tested and ready to counter real world attacks.

The Arsenal

Platform Configuration Registers and Secure Boot

One of the important weapons contained in the TPM is a bank of Platform Configuration Registers (PCRs), which use cryptographic hashing functions. These registers can be used to ensure that only trusted code gets loaded at boot time of the system. This is done by using the existing data in a PCR as one input to a hashing function with the other input being new data. The result of that hashing function becomes the new PCR value that will be used as the input to the next hashing function with the next round of new data. This process provides security by continuously changing the value of the PCR.


As the PCR value gets updated, the updated values can then be compared with known hash values stored in the system. If the reference values previously stored in the TPM compare correctly with the newly generated PCR values, then the inputs to the hashing function (new data in the diagram) are proven to have been exactly the same as the reference inputs whose hash is stored on the TPM. Such matching of the hash values verifies the inputs as being authentic.

The PCR flow just described is very useful when enforcing secure boot of the system. Unless the hashes match showing that the code is, indeed, what it is supposed to be, the code will not be loaded. Even if a byte is added, deleted, changed, or if a bit is modified, the system will not boot. For secure boot, the data input to the hashing function is a piece of the BIOS (or operating system).

User Configurable Non-Volatile Storage

Another weapon is user-configurable, non-volatile storage with multiple configuration options. What this means is that the user is presented with several ways to restrict the access and use of the memory space, such as by password, physical presence of the user, and PCR states. Additionally, the memory space can be set up so that it can be written only once, not read until the next write or startup of the TPM, not written to until the next startup of the TPM, and others.

Enforced Key Hierarchy

The TPM also incorporates an enforced key hierarchy, meaning that the keys must have another key acting as a parent key (i.e. a key higher in a hierarchy) for that key to get loaded into the TPM. The authorization information for the parent key needs to be known before the child key can be used, thereby adding another layer of security.

Binding and Sealing Data

Another part of the TPM’s arsenal is the ability to bind and/or seal data to the TPM. A seal operation keeps the data contained (i.e. “sealed”) so that it can only be accessed if a particular pre-defined configuration of the system has been reached. This pre-defined configuration is held within the PCRs on the TPM. The TPM will not unseal the data until the platform configuration matches the configuration stored within the PCRs.

A bind operation creates encrypted data blobs (i.e. binary large objects) that are bound to a private key that is held within the TPM. The data within the blob can only be decrypted with the private key in the TPM. Thus, the data is said to be “bound” to that key — such keys can be reused for different sets of data.

The Armor 

So the Atmel TPM has some pretty cool weapons in its arsenal, but does it have any armor? The answer is yes it does!

FIPS 140-2 Certified 

Atmel has dozens of FIPS 140-2 full module-level certified devices with various I/O’s including LPC, SPI, and I2C. The TPM uses a number of FIPS certified algorithms to perform its operations. These standards were developed, tested, and certified by the United States federal government for use in computer systems. The TPM’s FIPS certified algorithms include RSA, SHA1, HMAC, AES, RNG and CVL (find out more details on Atmel’s TPM FIPS certifications here).


Active Metal Shield

The TPM has built-in physical armor of its own. A serpentine active metal shield with tamper detection covers the entire device. If someone attempts to penetrate this shield to see the structures beneath it, the TPM can detect this and go into a fault condition that prevents further actions on the TPM.

Why TPM?

You might be asking, “Why can’t all those functions just be done in software?” While some of the protections can be provided in software, software alone is not nearly as robust as a hardware-based system. That is because software has bugs, despite how hard the developers try to eliminate them, and hackers can exploit those bugs to gain access to supposedly secure systems. TPM, on the other hand,stores secret keys in protected hardware that hackers cannot get access to, and they cannot attack what they cannot see.

The TPM embeds intelligence via an on-board microcontroller to manage and process cryptographic functions. The commands used by the Atmel TPM have been defined and vetted by the Trusted Computing Group (TCG), which is a global consortium of companies established to define robust standards for hardware security. Furthermore, the Atmel TPM has been successfully tested against TCG’s Compliance Test Suite to ensure conformance. Security is also enhanced because secrets never leave the TPM unless they have been encrypted.

With the battle for your data being an on-going reality, it simply makes sense to fight back with the heaviest artillery available. Combining all the weaponry and armor in one small, strong, cost effective, standards-based and certified package makes the Atmel TPM cryptographic the ideal choice for your arsenal.

This blog was contributed by Tom Moulton, Atmel Firmware Validation Engineer.

Shouldn’t security be a standard?

Security matters now more than ever, so why isn’t security a standard feature in all digital systems? Luckily, there is a standard for security and it is literally standards-based. It is called TPM. TPM, which stands for Trusted Platform Module, can be thought of as a microcontroller that can take a punch, and come back for more.

“You guys give up, or are you thirsty for more?"

“You guys give up, or are you thirsty for more?”

The TPM is a small integrated circuit with an on-board microcontroller, secure hardware-based private key generation and storage, and other cryptographic functions (e.g. digital signatures, key exchange, etc.), and is a superb way to secure email, secure web access, and protect local data. It is becoming very clear just how damaging loss of personal data can be. Just ask Target stores, Home Depot, Brazilian banks, Healthcare.gov, JP Morgan, and the estimated billions of victims of the Russian “CyberVor” gang of hackers. (What the hack! You can also follow along with the latest breaches here.) The world has become a serious hackathon with real consequences; and, unfortunately, it will just get worse with the increase of mobile communications, cloud computing, and the growth of autonomous computing devices and the Internet of Things.

What can be done about growing threats against secure data?

The TPM is a perfect fit for overall security. So, just how does the TPM increase security? There are four main capabilities:

  1. Furnish platform integrity
  2. Perform authentication (asymmetric)
  3. Implement secure communication
  4. Ensure IP protection

These capabilities have been designed into TPM devices according to the guidance of an industry consortium called the Trusted Computing Group (TCG), whose members include many of the 800-pound gorillas of the computing, networking, software, semiconductor, security, automotive, and consumer industries. These companies include Intel, Dell, Microsoft, among many others. The heft of these entities is one of the vectors that is driving the strength of TPM’s protections, creation of TPM devices, and ultimately accelerating TPM’s adoption. The TPM provides security in hardware, which beats software based security every time. And that matters, a lot.

TPM Functions

Atmel TPM devices come complete with cryptographic algorithms for RSA (with 512, 1024, and 2048 bit keys), SHA-1, HMAC, AES, and Random Number Generator (RNG). We won’t go into the mathematical details here, but note that Atmel’s TPM has been Federal Information Processing Standards (FIPS) 140-2 certified, which attests to its high level of robustness. And, that is a big deal. These algorithms are built right into Atmel TPMs together with supporting software serve to accomplish multiple security functions in a single device.

Each TPM comes with a unique key called an endorsement key that can also be used as part of a certificate chain to prevent counterfeiting. With over 100 commands, the Atmel TPM can execute a variety of actions such as key generation and authorization checks. It also provides data encryption, storage, signing, and binding just to name a few.

An important way that TPMs protect against physical attacks is by a shielded area that securely stores private keys and data, and is not vulnerable to the types of attacks to which software key storage is subjected.


But the question really is, “What can the TPM do for you?”  The TPM is instrumental in systems that implement “Root of Trust” (i.e. data integrity and authentication) schemes.

Root of trust schemes use hashing functions as the BIOS boots to ensure that there have been no unwanted changes to the BIOS code since the previous boot. The hashing can continue up the chain into the OS. If the hash (i.e. digest) does not match the expected result, then the system can limit access, or even shut down to prevent malicious code from executing.  This is the method used in Microsoft’s Bitlocker approach on PCs, for example. The TPM can help to easily encrypt an entire hard drive and that can only be unlocked for decryption by the key that is present on the TPM or a backup key held in a secure location.

Additionally, the TPM is a great resource in the embedded world where home automation, access points, consumer, medical, and automotive systems are required. As technology continues to grow to a wide spectrum of powerful and varying platforms, the TPM’s role will also increase to provide the necessary security to protect these applications.


Interested in learning more about Atmel TPM? Head here. To read about this topic a bit further, feel free to browse through the Bits & Pieces archive.

This blog was contributed by Ronnie Thomas, Atmel Software Engineer.