About Virtual Smart Card Security

  • Question

  • Hello all,

    Trying to get a good overview of the security of Virtual Smart Cards relying on TPMs, I read this very short article (the only one I found) covering this topic (first part): https://docs.microsoft.com/en-us/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-evaluate-security.

    I understand well that there is a key hierarchy (EK ; SRK -> SmartCardK ; SRK -> UserKey), as is common in key management solutions. However, I don't understand how the authorization process works. Moreover, the article says: "The TPM key hierarchy is designed to allow encryption of user data with the storage root key, but it authorizes decryption with the user PIN in such a way that changing the PIN doesn't require re-encryption of the data." This explicitly means that the PIN is not used at any moment to encrypt/decrypt any user key, but is used instead to authorize this decryption... OK.

    Well, what is this process of authorization, and what is really encrypted?

    I'm not 100% sure of that, but I guess the PINs are not stored in the TPM, since there may be a lot of VSCs and since the TPM is not suited to storing a lot of objects (limited memory). So, taking the first step as an example, how is the SCK decrypted? We can see ScKey = DsrkPriv(SCKeyBlob) | PIN, which makes me believe the SCK blob is only the SCK encrypted with the public part of the SRK. So what does "| PIN" mean? And how does the TPM verify the PIN is correct? It seems the PIN is involved somewhat here.

    "| PIN" is obviously not a concatenation, since it would make the PIN leak just by looking at the file stored on the disk.

    Thanks for your feedback !

    Have a nice day :)

    OolaHoop

    Friday, May 10, 2019 1:28 PM
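Added example (not part of the original post, and not Microsoft's or the TPM vendors' code): a toy model in Python of the authorization pattern the question asks about, following TPM 2.0-style semantics. The authorization value derived from the PIN sits inside the private part of the key blob, which is wrapped under the SRK so only the TPM can open it; the TPM checks a caller's HMAC over the command against that value before performing the private operation; and a change of PIN (the TPM2_ObjectChangeAuth pattern) rewraps the blob without touching data encrypted under the key. Everything here is a simplification: the SRK wrapping and the data cipher are an HMAC-SHA256 keystream stand-in for AES, the PIN-to-authValue derivation (SHA-256 of the PIN) and the command encodings are assumptions, and because a real VSC key is asymmetric the host would encrypt with the public key, while this toy uses a symmetric key with an unauthenticated encrypt command to keep the same "encrypt without PIN, decrypt only with PIN" split. Sample data is constructed inline.

```python
"""Toy TPM authorization model: the PIN never encrypts anything, it authorizes."""
import hashlib
import hmac
import os


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in stream cipher (HMAC-SHA256 counter keystream); assumption, not TPM AES-CFB."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def pin_to_auth_value(pin: str) -> bytes:
    """Assumed derivation of the TPM authValue from the user PIN."""
    return hashlib.sha256(pin.encode()).digest()


def client_auth(pin: str, nonce_tpm: bytes, command: bytes) -> bytes:
    """Host side of an HMAC session: proves knowledge of the PIN without sending it."""
    return hmac.new(pin_to_auth_value(pin), nonce_tpm + command, hashlib.sha256).digest()


class ToyTpm:
    """Holds the SRK seed; the host only ever sees parent-wrapped blobs."""

    def __init__(self):
        self._srk_seed = os.urandom(32)  # never leaves the TPM
        self._enc_key = hmac.new(self._srk_seed, b"wrap", hashlib.sha256).digest()
        self._mac_key = hmac.new(self._srk_seed, b"mac", hashlib.sha256).digest()
        self._loaded = {}  # handle -> (key_secret, auth_value)

    def _wrap(self, key_secret: bytes, auth_value: bytes) -> bytes:
        # Private part = key_secret || authValue, encrypted and integrity-protected under SRK.
        nonce = os.urandom(16)
        ciphertext = _keystream_xor(self._enc_key, nonce, key_secret + auth_value)
        tag = hmac.new(self._mac_key, nonce + ciphertext, hashlib.sha256).digest()
        return nonce + ciphertext + tag

    def create(self, pin: str) -> bytes:
        """Create a PIN-protected key; returns the blob the host stores on disk."""
        return self._wrap(os.urandom(32), pin_to_auth_value(pin))

    def load(self, blob: bytes) -> int:
        """Unwrap under SRK (no PIN needed to load, only to use)."""
        nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
        expected = hmac.new(self._mac_key, nonce + ciphertext, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("blob integrity check failed")
        sensitive = _keystream_xor(self._enc_key, nonce, ciphertext)
        handle = len(self._loaded) + 1
        self._loaded[handle] = (sensitive[:32], sensitive[32:])
        return handle

    def start_auth_session(self) -> bytes:
        return os.urandom(16)  # TPM nonce; each use needs a fresh one

    def _check_auth(self, handle: int, nonce_tpm: bytes, command: bytes, auth_hmac: bytes) -> bytes:
        key_secret, auth_value = self._loaded[handle]
        expected = hmac.new(auth_value, nonce_tpm + command, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, auth_hmac):
            raise PermissionError("TPM_RC_AUTH_FAIL")
        return key_secret

    def encrypt(self, handle: int, plaintext: bytes) -> bytes:
        """Encryption needs no authorization (stands in for using the public key)."""
        key_secret, _ = self._loaded[handle]
        nonce = os.urandom(16)
        return nonce + _keystream_xor(key_secret, nonce, plaintext)

    def decrypt(self, handle: int, nonce_tpm: bytes, ciphertext: bytes, auth_hmac: bytes) -> bytes:
        key_secret = self._check_auth(handle, nonce_tpm, b"decrypt" + ciphertext, auth_hmac)
        return _keystream_xor(key_secret, ciphertext[:16], ciphertext[16:])

    def change_auth(self, handle: int, nonce_tpm: bytes, new_pin: str, auth_hmac: bytes) -> bytes:
        """Rewrap the same key secret with a new authValue; data under the key is untouched."""
        key_secret = self._check_auth(handle, nonce_tpm, b"change_auth", auth_hmac)
        return self._wrap(key_secret, pin_to_auth_value(new_pin))


def demo() -> dict:
    """Walk through create, use, wrong PIN, PIN change; returns the checks as a dict."""
    tpm = ToyTpm()
    blob_v1 = tpm.create("1234")
    h1 = tpm.load(blob_v1)
    secret = b"constructed user data protected by the VSC key"
    ct = tpm.encrypt(h1, secret)

    n = tpm.start_auth_session()
    decrypted = tpm.decrypt(h1, n, ct, client_auth("1234", n, b"decrypt" + ct))

    def rejected(handle: int, pin: str) -> bool:
        n = tpm.start_auth_session()
        try:
            tpm.decrypt(handle, n, ct, client_auth(pin, n, b"decrypt" + ct))
            return False
        except PermissionError:
            return True

    n = tpm.start_auth_session()
    blob_v2 = tpm.change_auth(h1, n, "9876", client_auth("1234", n, b"change_auth"))
    h2 = tpm.load(blob_v2)
    n = tpm.start_auth_session()
    decrypted_after = tpm.decrypt(h2, n, ct, client_auth("9876", n, b"decrypt" + ct))

    return {
        "pin_absent_from_blob": b"1234" not in blob_v1 and pin_to_auth_value("1234") not in blob_v1,
        "decrypt_with_pin": decrypted == secret,
        "wrong_pin_rejected": rejected(h1, "0000"),
        "blob_rewrapped": blob_v1 != blob_v2,
        "same_ciphertext_after_pin_change": decrypted_after == secret,
        "old_pin_rejected_after_change": rejected(h2, "1234"),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The point the model makes concrete: "| PIN" in the article's notation is not a concatenation but an authorization check, and the file on disk contains the authValue only inside the SRK-encrypted private area, so neither the PIN nor its hash is readable from the blob. Changing the PIN produces a new blob with the same key secret, which is why the ciphertext produced before the change still decrypts afterwards.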

All replies