TL;DR
No. A child key created with TPM2_Create is wrapped with keys derived from its parent's seed, so it is only ever as well protected as that parent. The TPM will not stop you from creating an encrypt leaf key under a storage key whose private material exists outside the TPM (for example a key generated in software and imported), but the result is not a TPM-protected key: anyone holding the parent's secrets can unwrap the child blob without the TPM. Note that the wrapped key blobs tpm2_create writes to disk are not the problem; they are encrypted under the parent and can only be used by loading them back into the TPM. The security of the whole chain rests on the parent's private material, starting with the storage root key, never leaving the TPM.
Understanding the Concepts
Before we dive into why this doesn’t work, let’s quickly cover some basics:
- TPM (Trusted Platform Module): A tamper-resistant component (discrete chip or firmware) that keeps key material inside and performs cryptographic operations with it, so private keys never have to be exposed to the host.
- Storage Root Key (SRK): A primary key in the TPM's storage (owner) hierarchy, regenerated deterministically from the Storage Primary Seed and never exported. Other keys are not "derived" from it; they are created under it and wrapped by it. It is the usual root of the hierarchy and must stay inside the TPM.
- Storage Key: A restricted decryption key whose job is to wrap (encrypt and integrity-protect) child keys so that they can be stored *outside* the TPM and loaded back only through the TPM with that parent loaded. The SRK is itself a storage key.
- Encrypt Leaf Key (Child Key): A non-storage key created under a storage parent and used for specific encryption/decryption (or signing) tasks. Its private portion is returned as a blob wrapped by the parent.
Why Storing the Storage Key Outside the TPM is a Problem
The fundamental principle of TPM security is that the private part of every key in the hierarchy, from the SRK down, exists in plaintext only inside the TPM. If a storage key's private material lives outside the TPM, every key created beneath it loses that guarantee.
Step-by-Step Explanation
- TPM Key Hierarchy: Keys are created under a loaded parent with TPM2_Create. The TPM returns the child's public area plus a private blob that only that parent can unwrap, so the child is stored outside the TPM and brought back with TPM2_Load.
- SRK Protection: The SRK is regenerated inside the TPM from the Storage Primary Seed and is never exported. Its use can be gated by a policy (for example on PCR values), but that is authorization; what keeps it secret is that its private part never exists outside the chip.
- Storage Key Dependency: A child's private blob is encrypted with a symmetric key, and integrity-protected with an HMAC key, both derived with KDFa from the parent's seedValue. The child is therefore exactly as secret as its parent's seed.
- Compromised Storage Key: If the parent's sensitive area exists outside the TPM, for instance because it was generated in software and brought in with TPM2_Import, or because a copy sits in a file, registry entry or backup, then everything needed to unwrap its children also exists outside the TPM and is exposed to malware, physical access and so on.
- Broken Chain of Trust: TPM2_Create under such a parent still succeeds; the TPM has no way of knowing that a copy of the parent's secrets exists elsewhere. What you get is a leaf key whose private blob anyone holding the parent's secrets can decrypt without the TPM. The only visible trace is in the attributes: an imported key never has fixedTPM set, so none of its descendants can have it either.
Example Scenario
Let's say you generate the storage parent in software and then bring it under the TPM. This is a conceptual tpm2-tools (5.x) sketch; exact option names vary by version, and the attributes passed to tpm2_import are what the TPM 2.0 spec requires of a storage parent (restricted decrypt):
openssl genrsa -out storage.pem 2048                                                       # BAD: the parent's private half now exists in plaintext on disk
tpm2_createprimary -C o -G rsa2048 -c srk.ctx                                               # the SRK is generated inside the TPM and never leaves it
tpm2_import -C srk.ctx -G rsa -i storage.pem -u storage.pub -r storage.priv -a 'restricted|decrypt|userwithauth'   # imported keys never get fixedtpm
tpm2_load -C srk.ctx -u storage.pub -r storage.priv -c storage.ctx
tpm2_create -C storage.ctx -G rsa2048 -u leaf.pub -r leaf.priv                              # succeeds, but leaf.priv is wrapped under a parent whose secrets also live outside the TPM
What Happens if it *Seems* to Work?
Usually it does seem to work: TPM2_Create and TPM2_Load both succeed, and the leaf key encrypts and decrypts normally. That is not evidence of security. The TPM cannot detect that the parent's secrets exist elsewhere, and tpm2-tools will create keys under any loaded storage parent. The check to make is the attribute list printed by tpm2_create or tpm2_readpublic: a key that is really bound to this TPM shows fixedtpm, fixedparent and sensitivedataorigin, whereas a key under a software-generated (imported) parent cannot show fixedtpm.
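The mechanism behind the dependency, compromise and broken-chain steps above, and behind the observation that everything "seems to work", as an added example that is not code from the original page or from any TPM implementation: a Python model of how a storage parent protects a child's private area, following the structure in TPM 2.0 Part 1 (KDFa from the parent's seedValue with the labels STORAGE and INTEGRITY, then encrypt-then-HMAC over the sensitive area and the child's name, and the rule that a child may only be fixedTPM if its parent is). Assumptions: AES-CFB is replaced by an HMAC-SHA256 counter keystream so the code runs with the standard library only; public areas, names and seeds are constructed stand-ins, not real TPM structures.

```python
"""Model of TPM 2.0 child-key protection under a storage parent (added example)."""
import hashlib
import hmac
import secrets

NAME_ALG = "sha256"
DIGEST = 32   # SHA-256: size of seedValue, derived keys and integrity tags


def kdfa(key: bytes, label: bytes, context: bytes, nbytes: int) -> bytes:
    """KDFa (TPM 2.0 Part 1, SP800-108 counter mode): HMAC(key, [i] || label || 00 || context || [bits])."""
    out, counter = b"", 1
    while len(out) < nbytes:
        msg = counter.to_bytes(4, "big") + label + b"\x00" + context + (nbytes * 8).to_bytes(4, "big")
        out += hmac.new(key, msg, NAME_ALG).digest()
        counter += 1
    return out[:nbytes]


def sym_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in for the TPM's AES-CFB symmetric wrap (assumption: HMAC counter keystream, stdlib only)."""
    blocks = len(data) // DIGEST + 1
    stream = b"".join(hmac.new(key, i.to_bytes(4, "big"), NAME_ALG).digest() for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))


def name_of(public: bytes) -> bytes:
    """Object name = nameAlg id || H(public area); 0x000B is TPM_ALG_SHA256."""
    return b"\x00\x0b" + hashlib.sha256(public).digest()


def wrap(seed: bytes, child_name: bytes, sensitive: bytes) -> bytes:
    """Build the child's private blob: integrity HMAC || encrypted sensitive area."""
    sym_key = kdfa(seed, b"STORAGE", child_name, DIGEST)
    hmac_key = kdfa(seed, b"INTEGRITY", b"", DIGEST)
    enc = sym_xor(sym_key, sensitive)
    return hmac.new(hmac_key, enc + child_name, NAME_ALG).digest() + enc


def unwrap(seed: bytes, child_name: bytes, private: bytes) -> bytes:
    """Inverse of wrap(); a wrong seed or a modified blob fails the integrity check."""
    tag, enc = private[:DIGEST], private[DIGEST:]
    hmac_key = kdfa(seed, b"INTEGRITY", b"", DIGEST)
    if not hmac.compare_digest(tag, hmac.new(hmac_key, enc + child_name, NAME_ALG).digest()):
        raise ValueError("TPM_RC_INTEGRITY: wrong parent seed or tampered blob")
    return sym_xor(kdfa(seed, b"STORAGE", child_name, DIGEST), enc)


class StorageParent:
    """A loaded storage key. Only the TPM reads `seed`; fixedTPM is set for keys
    generated inside the TPM and clear for keys brought in with TPM2_Import."""
    def __init__(self, seed: bytes, fixed_tpm: bool):
        self.seed, self.fixed_tpm = seed, fixed_tpm


def tpm_create(parent: StorageParent, sensitive: bytes, fixed_tpm: bool):
    """Model of TPM2_Create: wrap `sensitive` under `parent`, return (public, private)."""
    if fixed_tpm and not parent.fixed_tpm:
        raise ValueError("TPM_RC_ATTRIBUTES: a child cannot be fixedTPM under a non-fixedTPM parent")
    flag = b"fixedTPM:1|" if fixed_tpm else b"fixedTPM:0|"
    public = flag + hashlib.sha256(b"pub|" + sensitive).digest()   # constructed public area
    return public, wrap(parent.seed, name_of(public), sensitive)


def tpm_load(parent: StorageParent, public: bytes, private: bytes) -> bytes:
    """Model of TPM2_Load: inside the TPM the parent seed is available, so this always succeeds."""
    return unwrap(parent.seed, name_of(public), private)


def offline_unwrap(public: bytes, private: bytes, seed: bytes):
    """What a holder of the blobs can do without the TPM, given some candidate parent seed."""
    try:
        return unwrap(seed, name_of(public), private)
    except ValueError:
        return None


def demo() -> dict:
    leaf = b"constructed 32-byte leaf secret!"        # constructed sample sensitive area
    # Parent generated inside the TPM: its seed exists only there.
    in_tpm = StorageParent(secrets.token_bytes(DIGEST), fixed_tpm=True)
    pub1, priv1 = tpm_create(in_tpm, leaf, fixed_tpm=True)
    # Parent generated in software and imported: the same seed also sits in a file.
    disk_seed = secrets.token_bytes(DIGEST)
    imported = StorageParent(disk_seed, fixed_tpm=False)
    pub2, priv2 = tpm_create(imported, leaf, fixed_tpm=False)
    try:
        tpm_create(imported, leaf, fixed_tpm=True)
        rejected = False
    except ValueError:
        rejected = True
    return {
        "tpm_loads_both": tpm_load(in_tpm, pub1, priv1) == leaf
                          and tpm_load(imported, pub2, priv2) == leaf,
        "offline_vs_tpm_parent": offline_unwrap(pub1, priv1, secrets.token_bytes(DIGEST)),
        "offline_vs_imported_parent": offline_unwrap(pub2, priv2, disk_seed),
        "fixedtpm_child_rejected": rejected,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v!r}")
```

Running `demo()` shows the three points the text makes: the TPM loads both children without complaint, only the child under the imported parent can be unwrapped offline by whoever holds the seed file, and asking for a fixedTPM child under that parent is refused, which is exactly the attribute to look for in the real tool output.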
Secure Approach
- Keep SRK Protected: Never try to extract the SRK or any other storage parent. There is no supported way to do so for a key created inside the TPM, and any workaround that yields the private material means the key was never really a TPM key.
- Create Storage Keys Within the TPM: Use tpm2_createprimary for the SRK and tpm2_create with restricted|decrypt attributes for further storage parents, and tpm2_evictcontrol if a parent must survive reboots. Reserve tpm2_import for leaf keys that genuinely have to be migrated in, and treat those as not bound to the TPM. Full-disk encryption products such as BitLocker do this internally through the operating system's TPM stack rather than handling key material themselves.
- Use Appropriate APIs: Go through tpm2-tss (ESAPI/FAPI) on Linux or TPM Base Services / the Platform Crypto Provider on Windows, and verify the attributes of what you created (fixedtpm, fixedparent, sensitivedataorigin) rather than assuming the hierarchy was respected.
Conclusion
Storing a storage key's private material outside the TPM defeats its purpose. Keep the SRK and every storage parent inside the TPM; the wrapped blobs on disk are fine, because they can only be loaded through it, and that is what preserves the integrity and confidentiality of the keys beneath them.

