Editing TPM

Jump to: navigation, search

Warning: You are not logged in.

Your IP address will be recorded in this page's edit history.
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision Your text
Line 17: Line 17:
 
The only significant functions a TPM chip can do are hashing of a block of data, encryption/decryption of a block of data using a PKI keypair, signing a block of data using a PKI keypair and secure storage of a PKI keypair. Contrary to some views (such as the one presented earlier in this article), the TPM is not a DRM system in and of itself nor does it 'lock down your computer', although it CAN be used to do this with software (which can be in the BIOS).  
 
The only significant functions a TPM chip can do are hashing of a block of data, encryption/decryption of a block of data using a PKI keypair, signing a block of data using a PKI keypair and secure storage of a PKI keypair. Contrary to some views (such as the one presented earlier in this article), the TPM is not a DRM system in and of itself nor does it 'lock down your computer', although it CAN be used to do this with software (which can be in the BIOS).  
  
But first, a little discussion of PKI keys. PKI (aka Public Key Infrastructure) is an encryption system that uses two keys: a public and private key. In normal encryption systems, the 'key' is a password or PIN of some kind. The same key is used to encrypt AND decrypt, so once someone knows your key, the encryption is defeated. With PKI however, the two keys are complementary. If you encrypt something with the public key - ONLY the private key can decrypt it, and only the public key can decrypt something encrypted with the private key. There is no known way to derive a public key from the private key or vice versa.  
+
But first, a little discussion of PKI keys. PKI (aka Public Key Infrastructure) is an encryption system that uses two keys: a public and private key. In normal encryption systems, the 'key' is a password or PIN of some kind. The same key is used to encrypt AND decrypt, so once someone knows your key, the encryption is defeated. With PKI however, the two keys are complimentary. If you encrypt something with the public key - ONLY the private key can decrypt it, and only the public key can decrypt something encrypted with the private key. There is no known way to derive a public key from the private key or vice versa.  
  
 
What this means is that if I create a key pair (a public and matching private key), I can keep the private key totally to myself (ie: private) and use it to encrypt files - then give you the public key to decrypt them without compromising my private key. Why is this useful? Because ONLY the matching public key can decrypt the file. So if my public key decrypts a file - you know, absolutely, that I encrypted it. Also, if you use MY public key to encrypt a file, you can post it publically because you know only I can decrypt it with my private key.  
 
What this means is that if I create a key pair (a public and matching private key), I can keep the private key totally to myself (ie: private) and use it to encrypt files - then give you the public key to decrypt them without compromising my private key. Why is this useful? Because ONLY the matching public key can decrypt the file. So if my public key decrypts a file - you know, absolutely, that I encrypted it. Also, if you use MY public key to encrypt a file, you can post it publically because you know only I can decrypt it with my private key.  

Please note that all contributions to OSx86 may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see OSx86:Copyrights for details). Do not submit copyrighted work without permission!

Cancel | Editing help (opens in new window)

Templates used on this page:

Powered by MediaWiki © 2021 OSx86 Project  |   InsanelyMac  |   Forum  |   OSx86 Wiki   |   Privacy policy   |   About OSx86   |   Disclaimers