Sessions

Maintain state between sequences of commands.

They are the vehicle for authorizations and also configure per-command attributes:

  • Encryption/decryption of command/response parameters.

Session variations

Bound/unbound

  • The session is bound to an authorization value.

  • The session key is computed with it.

  • Calculations depending on the session key are affected.

Salted/unsalted

  • Extra entropy for the session key.

Session use modifiers

Per-command modifiers.

  • Continue - Keep the session after a successful command.

  • Decrypt - Part of the request is sent encrypted.

  • Encrypt - Part of the response comes back encrypted.

  • Audit - The command is to be audited.

Types

Password

Single-command session. A permanent entity.

Operation depends on the password:

  • The password is provided in cleartext.

  • It is meant to be used locally.

HMAC

A password is uploaded to the TPM.

  • authValue

  • A one-time operation

Each session interaction has an HMAC computed with the shared authValue.

  • Both request and response.

  • Each also uses a nonce.

    • The TPM nonce changes on each response.
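The following is an added example, not part of the original notes, that walks through the bound/salted session key derivation and the per-command HMAC described above in plain Python. It follows the formulas of the TPM 2.0 Library Specification Part 1 (KDFa with the "ATH" label, cpHash/rpHash, and authHMAC over pHash, the two nonces and the session attributes); SHA-256 as the session algorithm, the command code, the handle Name, the nonces and all authorization values are constructed for the illustration and are not real TPM values.

```python
import hashlib
import hmac

# Assumed session hash algorithm for this illustration: SHA-256 (constructed choice).
SESSION_ALG = "sha256"
DIGEST_BITS = 256

# TPMA_SESSION attribute bits, i.e. the "session use modifiers" above.
CONTINUE_SESSION = 0x01  # bit 0
DECRYPT = 0x20           # bit 5
ENCRYPT = 0x40           # bit 6
AUDIT = 0x80             # bit 7

# Placeholder command code and handle Name, constructed for the example (not real TPM values).
SAMPLE_COMMAND_CODE = 0x7F000001
SAMPLE_NAME = b"\x00\x0b" + b"\x11" * 32  # TPM_ALG_SHA256 tag followed by a made-up digest


def kdfa(key: bytes, label: str, context_u: bytes, context_v: bytes, bits: int) -> bytes:
    """KDFa from TPM 2.0 Part 1: counter-mode HMAC, block i =
    HMAC(key, [i]_4 || label || 0x00 || contextU || contextV || [bits]_4)."""
    label_bytes = label.encode("ascii") + b"\x00"
    out, i = b"", 1
    while len(out) * 8 < bits:
        msg = i.to_bytes(4, "big") + label_bytes + context_u + context_v + bits.to_bytes(4, "big")
        out += hmac.new(key, msg, SESSION_ALG).digest()
        i += 1
    return out[: bits // 8]


def session_key(nonce_tpm: bytes, nonce_caller: bytes,
                bind_auth: bytes = b"", salt: bytes = b"") -> bytes:
    """sessionKey = KDFa(sessionAlg, bindAuthValue || salt, "ATH", nonceTPM, nonceCaller, bits).
    Unbound: bind_auth empty. Unsalted: salt empty. Both empty: the session key is empty."""
    if not bind_auth and not salt:
        return b""
    return kdfa(bind_auth + salt, "ATH", nonce_tpm, nonce_caller, DIGEST_BITS)


def cp_hash(command_code: int, names: list, params: bytes) -> bytes:
    """cpHash = H(commandCode || Name of each handle || command parameters)."""
    h = hashlib.new(SESSION_ALG)
    h.update(command_code.to_bytes(4, "big"))
    for name in names:
        h.update(name)
    h.update(params)
    return h.digest()


def rp_hash(response_code: int, command_code: int, params: bytes) -> bytes:
    """rpHash = H(responseCode || commandCode || response parameters)."""
    h = hashlib.new(SESSION_ALG)
    h.update(response_code.to_bytes(4, "big"))
    h.update(command_code.to_bytes(4, "big"))
    h.update(params)
    return h.digest()


def auth_hmac(skey: bytes, auth_value: bytes, p_hash: bytes,
              nonce_newer: bytes, nonce_older: bytes, attrs: int) -> bytes:
    """authHMAC = HMAC(sessionKey || authValue, pHash || nonceNewer || nonceOlder || attrs).
    authValue is the authorized entity's; when that entity is the bind entity the spec
    omits it here because it is already folded into sessionKey (pass b"" in that case)."""
    return hmac.new(skey + auth_value,
                    p_hash + nonce_newer + nonce_older + bytes([attrs]), SESSION_ALG).digest()


def caller_command_hmac(skey, auth_value, nonce_caller, nonce_tpm, attrs, params=b"constructed"):
    """Caller side: nonceNewer is the fresh nonceCaller, nonceOlder the TPM's last nonce."""
    cph = cp_hash(SAMPLE_COMMAND_CODE, [SAMPLE_NAME], params)
    return auth_hmac(skey, auth_value, cph, nonce_caller, nonce_tpm, attrs)


def tpm_verify_command(skey, auth_value, nonce_caller, nonce_tpm, attrs, received, params=b"constructed"):
    """TPM side: recompute over its own view of the session state and compare in constant time."""
    expected = caller_command_hmac(skey, auth_value, nonce_caller, nonce_tpm, attrs, params)
    return hmac.compare_digest(expected, received)


def tpm_response_hmac(skey, auth_value, nonce_tpm_new, nonce_caller, attrs, rc=0, params=b"ok"):
    """TPM side: the fresh nonceTPM is now nonceNewer; the caller's nonce becomes nonceOlder."""
    rph = rp_hash(rc, SAMPLE_COMMAND_CODE, params)
    return auth_hmac(skey, auth_value, rph, nonce_tpm_new, nonce_caller, attrs)


if __name__ == "__main__":
    nonce_tpm0, nonce_caller = b"\x01" * 32, b"\x02" * 32  # constructed nonces
    skey = session_key(nonce_tpm0, nonce_caller, bind_auth=b"bind-secret", salt=b"salt-bytes")
    tag = caller_command_hmac(skey, b"entity-auth", nonce_caller, nonce_tpm0, CONTINUE_SESSION)
    print("accepted:", tpm_verify_command(skey, b"entity-auth", nonce_caller, nonce_tpm0, CONTINUE_SESSION, tag))
    print("wrong authValue rejected:",
          not tpm_verify_command(skey, b"guess", nonce_caller, nonce_tpm0, CONTINUE_SESSION, tag))
```

Because the TPM's nonce is an input to every HMAC and rotates with each response, a captured command HMAC no longer verifies once the TPM has answered, and because the session attributes byte is covered too, a request cannot have its continue/decrypt/encrypt/audit flags altered in transit without the TPM noticing.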

Policy (Enhanced Authorization)

Built on top of HMAC sessions.

Use policies to compute a shared secret.

  • Logical expressions

  • Sequences of commands

  • Internal and external state
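To make "logical expressions" and "sequences of commands" concrete, here is an added example, not part of the original notes, that mirrors how a policy session's policyDigest is extended by TPM2_PolicyCommandCode, TPM2_PolicyAuthValue and TPM2_PolicyOR, and how an OR of two branches lets two different command sequences converge on the same stored authPolicy. SHA-256 as the policy algorithm is an assumption, the TPM_CC values are quoted from memory of TPM 2.0 Part 2 and should be checked against the spec, the gated command code is a constructed placeholder, and the OR branch digests are assumed to be concatenated without size fields.

```python
import hashlib

POLICY_ALG = "sha256"          # assumed policy hash algorithm for the example
ZERO_DIGEST = bytes(32)        # every policy session starts with an all-zero policyDigest

# TPM_CC values as recalled from TPM 2.0 Part 2; check against the spec before relying on them.
TPM_CC_PolicyOR = 0x00000171
TPM_CC_PolicyCommandCode = 0x0000016C
TPM_CC_PolicyAuthValue = 0x0000016B
# Placeholder for the command the policy is meant to gate (constructed, not a real TPM_CC value).
GATED_COMMAND_CODE = 0x7F000002


def extend(digest: bytes, *fields: bytes) -> bytes:
    """policyDigest_new = H(policyDigest_old || field_1 || ... || field_n)."""
    h = hashlib.new(POLICY_ALG)
    h.update(digest)
    for f in fields:
        h.update(f)
    return h.digest()


class PolicySession:
    """Mirrors the policyDigest the TPM keeps for one policy session."""

    def __init__(self):
        self.digest = ZERO_DIGEST

    def policy_command_code(self, code: int) -> bytes:
        # Restricts the session to authorizing exactly this command (checked at use time).
        self.digest = extend(self.digest, TPM_CC_PolicyCommandCode.to_bytes(4, "big"),
                             code.to_bytes(4, "big"))
        return self.digest

    def policy_auth_value(self) -> bytes:
        # Requires the entity's authValue to be proven through the session HMAC at use time.
        self.digest = extend(self.digest, TPM_CC_PolicyAuthValue.to_bytes(4, "big"))
        return self.digest

    def policy_or(self, branches: list) -> bytes:
        # The current digest must equal one branch; the digest is then reset to zero and
        # extended with the whole list, so every listed branch converges on the same value.
        # Assumption: branch digests are concatenated without TPM2B size fields.
        if self.digest not in branches:
            raise ValueError("current policyDigest matches none of the OR branches")
        self.digest = extend(ZERO_DIGEST, TPM_CC_PolicyOR.to_bytes(4, "big"), *branches)
        return self.digest


def run(*steps) -> bytes:
    """Run a sequence of policy commands (trial policy or real authorization); return the digest."""
    s = PolicySession()
    for step in steps:
        step(s)
    return s.digest


def branch_a() -> bytes:
    """Branch A: only the gated command, and the caller must also know the authValue."""
    return run(lambda s: s.policy_command_code(GATED_COMMAND_CODE), lambda s: s.policy_auth_value())


def branch_b() -> bytes:
    """Branch B: any command, as long as the caller knows the authValue."""
    return run(lambda s: s.policy_auth_value())


def auth_policy() -> bytes:
    """What gets stored as the object's authPolicy: A OR B, computed via branch A in a trial session."""
    a, b = branch_a(), branch_b()
    return run(lambda s: s.policy_command_code(GATED_COMMAND_CODE),
               lambda s: s.policy_auth_value(),
               lambda s: s.policy_or([a, b]))


def satisfy_via_b() -> bytes:
    """A caller taking branch B at authorization time ends on the same digest."""
    a, b = branch_a(), branch_b()
    return run(lambda s: s.policy_auth_value(), lambda s: s.policy_or([a, b]))


def rejected_by_or(*steps) -> bool:
    """True if a session that ran `steps` cannot pass PolicyOR([A, B])."""
    a, b = branch_a(), branch_b()
    try:
        run(*steps, lambda s: s.policy_or([a, b]))
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    print("authPolicy     :", auth_policy().hex())
    print("branch B yields:", satisfy_via_b().hex())
```

The digest chain is what makes order matter: running PolicyAuthValue before PolicyCommandCode yields a different branch digest, so a policy is a specific sequence, not a set, and PolicyOR is the only step that lets distinct sequences rejoin.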
