Goals
- Secure Quantum-Resistant Cryptographic Algorithms for the TPM FutureTPM aims to identify, design and develop QR algorithms for each cryptographic primitive supported by a TPM. This includes the development of bespoke provable-secure quantum-resistant algorithms for (i) Symmetric Cryptography, (ii) Asymmetric Cryptography and (iii) Privacy-protecting primitives, such as Direct Anonymous Attestation.
- Design Validation using Formal Security Analysis FutureTPM aims to define and design appropriate formal methods, including computer-aided proof systems and automated proof tools, to support the security analysis model needed to reason about systems on the scale of the TPM specification. For example, the key hierarchy feature used by TPMs to store key material and other sensitive information in "untrusted" memory regions is commonly used for remotely providing key material to servers once their identity and key material has been established.
- Implementation of Hardware, Software, and Virtual TPM FutureTPM aims to demonstrate the applicability of the identified QR algorithms to the full range of possible TPM environments. This entails the implementation and rigorous evaluation of the designed QR algorithm suite in three types of TPM environment: (i) the hardware TPM (hTPM), (ii) the software TPM (sTPM), and (iii) the virtual TPM (vTPM).
- Standardization within TCG, ISO/IEC and ETSI Planned outcomes of the project include the development of standardisation proposals that push the state of the art in the areas of cryptography and the TPM itself, and will involve the technical committees of the relevant standards bodies, notably ISO, IEC, ETSI and the TCG.
- Provision of Run-Time Risk Assessment and Vulnerability Analysis Methodologies In many cases, the operation of devices hosting the TPM may leak sensitive information (e.g., via side-channel attacks) which can be used to mount successful attacks to recover secret information. In this context, the FutureTPM will design risk analysis methods that target all the phases of a system’s development lifecycle, including from design time to near real-time risk quantification of newly identified attacks.