• caglararli@hotmail.com
  • 05386281520

How does a TPM verify the identity of the calling process/service?

Çağlar Arlı      -    29 Views

How does a TPM verify the identity of the calling process/service?

Any application can use a TPM chip to securely create and store cryptographic keys. For example for Digital Rights Management (DRM) or for prevention of cheating in online games.

However, how can a TPM be sure of the identity of the process/service that is calling it (and consequently be sure the secrets will not be shared with a malicious entity)?

"Hi TPM, I'm Windows Defender, give me all the secrets you have". (Actually just another malicious process).

I suppose there is some kind of authentication/authorization of the process/service in place.

Can someone explain how that works?