TPM and Windows Vista TPM Services

Discussion in 'Computer Security' started by Matty, Dec 29, 2006.

    Matty (Guest)

    Hi there all, I am working on a document on Windows Vista TPM Services,
    and I have several questions I'm hoping someone can answer as well as
    several thoughts I'd like some feedback on. Feel free to address any
    combination of my comments/points, but I ask that you please try to be
    informative and thoughtful in your reply; I'd like to really learn
    something after all ;-)
    1) Is the Endorsement Key used to create the hashes of integrity
    monitoring/reporting metrics? If not, what key is used?

    2) The TBB of a trusted platform is the TPM and the CRTM. The CRTM is
    either a portion of or the entire BIOS code. Both of these components
    must be trusted, and updates must be controlled. However, currently
    3rd party BIOSes are prevalent, and anyone can update them. If this
    situation does not change then basically 1 of the 2 components of the
    TBB cannot really be trusted. How can we really ever have a trusted
    computing platform if one of the 2 TBBs can be compromised? Perhaps
    this issue is being addressed when I read the phrase "TPM-compliant

    3) A trusted computing platform using a 1.2 TPM and Windows Vista can
    enable Secure Startup and BitLocker drive encryption to secure data
    cryptographically. If the drive from this trusted computing platform
    is stolen and placed into another system running another operating
    system, then what is the attacker missing in order to access the data?
    The same thing they were missing before the trusted computing platform
    was around: the encryption key. Therefore, doesn't the attacker
    still have the same methods of brute force attack at their disposal for
    cracking the encryption of the volume? How does the TPM make this
    different once the drive has been removed from the system?

    4) I am trying to write scripts to perform basic TPM management tasks.
    Microsoft has some documentation on the Win32_Tpm class, which is
    supposed to be used for this sort of thing, but I have not had any
    success getting scripts to work on my Windows Vista 32-bit or 64-bit
    installations. In the end I simply tried to search for the Win32_Tpm
    class and could not even find it. The method for searching for the class
    was to use the script below and then pipe it to | findstr /I "Win32_Tpm".

    ' List every class defined in one WMI namespace on the local machine
    strComputer = "."
    strNamespace = "\root"

    ' Connect to the namespace through the WMI scripting API
    Set objSWbemServices = GetObject("winmgmts:\\" & strComputer & strNamespace)

    ' SubClassesOf() with no argument returns the top-level classes of this namespace
    Set colClasses = objSWbemServices.SubClassesOf()
    For Each objClass In colClasses
        Wscript.Echo objClass.Path_.Path
    Next

    I have some more questions floating around somewhere, but this is a
    good start.

    Thanks in advance for your replies.

    Matty, Dec 29, 2006
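An added example, not from the original post, for the search described in point 4: it walks the WMI namespace tree below root to report where a class such as Win32_Tpm is actually defined (a single-namespace listing like the script above only shows that namespace's classes), then reads the TPM state through the Win32_Tpm methods. It assumes Windows PowerShell with Get-WmiObject and an elevated prompt; the namespace root\CIMV2\Security\MicrosoftTpm and the method names come from Microsoft's Win32_Tpm documentation, not from this thread.

```powershell
# Walk the WMI namespace tree below $Namespace and return every namespace
# that defines a class named $ClassName.
function Find-WmiClassNamespace {
    param(
        [Parameter(Mandatory = $true)][string]$ClassName,
        [string]$Namespace = 'root',
        [string]$ComputerName = '.'
    )
    $hits = @()
    # -List enumerates class definitions instead of instances.
    $classes = Get-WmiObject -Namespace $Namespace -ComputerName $ComputerName -List -ErrorAction SilentlyContinue
    if ($classes | Where-Object { $_.Name -eq $ClassName }) { $hits += $Namespace }
    # Instances of the system class __NAMESPACE are the child namespaces.
    $children = Get-WmiObject -Namespace $Namespace -ComputerName $ComputerName -Class '__NAMESPACE' -ErrorAction SilentlyContinue
    foreach ($child in $children) {
        $hits += Find-WmiClassNamespace -ClassName $ClassName -Namespace "$Namespace\$($child.Name)" -ComputerName $ComputerName
    }
    return $hits
}

# Read the basic TPM state as Win32_Tpm exposes it. The class is a singleton
# in root\CIMV2\Security\MicrosoftTpm and querying it requires administrator rights.
function Get-TpmStatus {
    param([string]$ComputerName = '.')
    $tpm = Get-WmiObject -Namespace 'root\CIMV2\Security\MicrosoftTpm' -Class Win32_Tpm -ComputerName $ComputerName -ErrorAction Stop
    if (-not $tpm) { return $null }    # no instance: no TPM, or no TPM driver loaded
    # IsEnabled/IsActivated/IsOwned are methods; each returns an object whose
    # same-named boolean property carries the answer (ReturnValue 0 = success).
    New-Object PSObject -Property @{
        SpecVersion    = $tpm.SpecVersion
        ManufacturerId = $tpm.ManufacturerId
        IsEnabled      = [bool]$tpm.IsEnabled().IsEnabled
        IsActivated    = [bool]$tpm.IsActivated().IsActivated
        IsOwned        = [bool]$tpm.IsOwned().IsOwned
    }
}

Find-WmiClassNamespace -ClassName 'Win32_Tpm'
Get-TpmStatus | Format-List
```

If Find-WmiClassNamespace returns nothing for Win32_Tpm, the TPM WMI provider is not registered on that machine, which is worth checking before debugging management scripts.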