Protection Profile PC Client Specific TPM

TPM Library specification Family “2.0”
Level 0 Revision 1.16
December 10, 2014
Version 1.0

Contact: [email protected]

TCG Published
Copyright © TCG 2014

TCG Disclaimers, Notices, and License Terms

THIS SPECIFICATION IS PROVIDED “AS IS” WITH NO WARRANTIES WHATSOEVER, INCLUDING ANY WARRANTY OF MERCHANTABILITY, NONINFRINGEMENT, FITNESS FOR ANY PARTICULAR PURPOSE, OR ANY WARRANTY OTHERWISE ARISING OUT OF ANY PROPOSAL, SPECIFICATION OR SAMPLE.

Without limitation, TCG disclaims all liability, including liability for infringement of any proprietary rights, relating to use of information in this specification and to the implementation of this specification, and TCG disclaims all liability for cost of procurement of substitute goods or services, lost profits, loss of use, loss of data or any incidental, consequential, direct, indirect, or special damages, whether under contract, tort, warranty or otherwise, arising in any way out of use or reliance upon this specification or any information herein.

This document is copyrighted by Trusted Computing Group (TCG), and no license, express or implied, is granted herein other than as follows: You may not copy or reproduce the document or distribute it to others without written permission from TCG, except that you may freely do so for the purposes of (a) examining or implementing TCG specifications or (b) developing, testing, or promoting information technology standards and best practices, so long as you distribute the document with these disclaimers, notices, and license terms.

Contact the Trusted Computing Group at www.trustedcomputinggroup.org for information on specification licensing through membership agreements.

Any marks and brands contained herein are the property of their respective owners.

Table of Contents

1. Scope
    1.1 Key words
    1.2 Statement Type
2. PP Introduction
    2.1 PP Reference
    2.2 TOE Overview
        2.2.1 TOE Definition
        2.2.2 TOE Usage and Security Features
        2.2.3 Non-TOE Hardware, Firmware and Software
        2.2.4 TPM Life Cycle
3. Conformance Claims
    3.1 CC Conformance Claim
    3.2 Conformance with Packages
    3.3 Conformance with other Protection Profiles
    3.4 Conformance Statement
4. Security Problem Definition
    4.1 Assets
    4.2 Threats
    4.3 Organisational Security Policies
    4.4 Assumptions
5. Security Objectives
    5.1 Security Objectives for the TOE
    5.2 Security Objectives for the Operational Environment
    5.3 Security Objective Rationale
6. Extended Components Definition
    6.1 Family Random Number Generation
7. Security Requirements
    7.1 Security Functional Requirements
        7.1.1 Definitions of Subjects, Objects and TSF data
        7.1.2 Presentation of operations on SFR components
        7.1.3 SFRs for the General Behavior of the TOE
            7.1.3.1 Management
            7.1.3.2 Data Protection and Privacy
            7.1.3.3 Cryptographic SFR
            7.1.3.4 Identification and Authentication SFR
            7.1.3.5 TSF Protection
        7.1.4 SFRs Concerning the Object Hierarchy of the TOE
            7.1.4.1 TPM Operational States
            7.1.4.2 Creation and Modification of the TPM Hierarchy
            7.1.4.3 Data Import and Export
            7.1.4.4 Measurement and Reporting
        7.1.5 SFRs for the TOE Operation
            7.1.5.1 Access SFR
            7.1.5.2 Non-Volatile Storage
            7.1.5.3 Credentials
    7.2 Security assurance requirements
    7.3 Security Requirements rationale
        7.3.1 Sufficiency of SFR
        7.3.2 Dependency Rationale
        7.3.3 Assurance Rationale
8. Appendix
    8.1 Random Number Generator (informative)
    8.2 Acronyms
    8.3 Normative references

Details

File Type: pdf
Content Languages: English
File Pages: 119