About

Vision
FutureTPM will provide a new generation of TPM-based solutions, incorporating robust and formally verified QR cryptographic primitives.

The goal is to enable a smooth transition from current TPM environments, based on existing widely used and standardised cryptographic techniques, to systems providing enhanced security through QR cryptographic functions, including secure authentication, encryption and signing functions. By designing an innovative portfolio of high-security QR algorithms for primitives such as Key Agreement, Encryption, Signature, Cryptographic Hashing, Message Authentication Code (MAC) Functions, and Direct Anonymous Attestation (DAA), FutureTPM will fill the gaps that currently threaten its long-term security properties. This will enable FutureTPM systems to generate a secure root of trust that can be used for interacting with Cloud services, accessing corporate services, performing banking and eCommerce transactions, along with a wide range of other services.



Goals

Secure Quantum-Resistant Cryptographic Algorithms for the TPM
Secure Quantum-Resistant Cryptographic Algorithms for the TPM
Implementation of Hardware, Software, and Virtual TPM
Implementation of Hardware, Software, and Virtual TPM
Standardization within TCG, ISO/IEC and ETSI
Standardization within TCG, ISO/IEC and ETSI
Provision of Run-Time Risk Assessment and Vulnerability Analysis Methodologies
Provision of Run-Time Risk Assessment and Vulnerability Analysis Methodologies
Design Validation using Formal Security Analysis
Design Validation using Formal Security Analysis



Use Cases

FutureTPM aims to prove and validate the applicability, usability, effectiveness and value of the QR TPM concepts, models and algorithms in real-world settings, including industry and commerce, which may be affected by the advent of quantum computing. This will be achieved by examining their application to the following predefined set of use cases:

  • Online banking
    Mobile wallet and payment is receiving significant attention because it enables an easy payment mechanism and becomes an important complement to traditional payment methods. However, using a mobile wallet over open devices and networks poses security challenges of a new dimension. Security is fundamental to the overall functionality of the mobile payment transaction itself. How the sensitive tokens are handled by the mobile payment app and the corresponding backend server are key security and trust considerations. The “INDEV Secure Mobile Wallet and Payments” use case works on protecting sensitive data by making it tamper-proof, demonstrating how the use of FutureTPM project can benefit mobile wallet and payment applications to be secure and trusted.
  • Activity tracking
    The S5 Activity Tracker use case aims to demonstrate how FutureTPM can be used to increase security and trust for personal data sharing in the post-quantum era. Built on the existing S5 Activity Tracker infrastructure, the use case will demonstrate how personal activity data generated at users’ side (through wearables, IoT devices, etc.) can be securely and anonymously transferred and stored in a central repository that is capable of sharing analytics with trusted third party entities (such as physicians or care providers) without disclosing any personal or sensitive information from the user.
  • Device management
    The device management use case focuses on the management of network infrastructures, such as those found in enterprise organizations. Companies often define strict security policies to protect their valuable data and rely on the network infrastructure to support them. However, this protection could be breached if a network device is compromised. In such a scenario, private, financial, or employee information could be leaked and redirected to points of exploitation or exposed for later brute-forcing. The demonstrator will show how management of the network infrastructure can be enhanced to take into account the integrity of the network devices with techniques introduced by trusted computing.