SlideShare a Scribd company logo
1
restricted
Liam Cheng
April 2024
Simplified FDO manufacturing flow
with TPMs
2
Copyright © Infineon Technologies AG 2024. All rights reserved.
restricted
04.2024
Infineon is a global leader in power systems and IoT
2
Market position
Automotive
#1
TechInsights,
March 2023
1 As of 30 September 2023
Power
#1
Omdia,
September 2023
Security
#1
ABI Research,
October 2023
employees1
~58,600
in automotive, power management,
energy efficient technologies and IoT
Global leader
3
Copyright © Infineon Technologies AG 2024. All rights reserved.
restricted
04.2024
We build trust in a connected world
Security controller
Security controller,
sofware & host
software
Security controller,
software & host
software
OPTIGA
TPM
OPTIGA TPM
OPTIGA Trust
eSIM
V2X
Security controller &
software
OPTIGA
Authenticate
Seamless secured transactions Verifying identities
Securing the IoT Fighting Counterfeits
4
Copyright © Infineon Technologies AG 2024. All rights reserved.
restricted
04.2024
The Trusted Platform Module (TPM)
“The safe for your platform”
› Reduced implementation costs
› Minimized integration risk
› Proven security
› Tamper-resistant hardware
› Key and authentication protect
› Used in computing for over 20 years
› Widely adopted by new use cases
› Security of hardware and software
independently evaluated
Security chip standardized by
Trusted Computing Group
(TCG)
Widely used in board
applications
Designed to resist logical and
physical attacks
Certified by third-party
(Common Criteria/ FIPS)
TPM
“The for
your platform"
5
Copyright © Infineon Technologies AG 2024. All rights reserved.
restricted
04.2024
Laptop Server Network Interface Card Switches Firewall
5G access point
Storage area network Enterprise router
Google Mesh Router Surveillance Camera EV Charging Station Printer
IoT gateway Wireless Access point
Fleet management
Existing products with OPTIGA TPM 2.0
6
Copyright © Infineon Technologies AG 2024. All rights reserved.
restricted
04.2024
‒ TPM, a hardware module that provides secure
credential storage and trusted implementations of
cryptography, combines well with FDO.
‒ TPMs can store credentials for FDO securely, and it
provides the basic asymmetric cryptography for
FDO’s authentication.
‒ FDO, in turn, can work with TPMs to provision
application keys and certificates into TPM, allowing
customers to have private key materials with chains
of trust matching their organizational requirements.
‒ TPMs can potentially also be used to store FDO
factory credentials, allowing devices to adopt FDO
without a change to the manufacturing line.
TPM and FDO
https://fidoalliance.org/wp-content/uploads/2022/12/IoT-Application-
Provisioning-for-Security-Using-FDO-and-TPM-White-Paper.pdf
7
Copyright © Infineon Technologies AG 2024. All rights reserved.
restricted
04.2024
Specification for FDO credential storage in a TPM
https://fidoalliance.org/specs/FDO/securing-fdo-in-tpm-v1.0-rd-20231010/securing-fdo-in-tpm-v1.0-rd-20231010.pdf
8
Copyright © Infineon Technologies AG 2024. All rights reserved.
restricted
04.2024
How FDO works
Device Manufacturer
3
Load Ownership
Voucher (OV) to
Cloud
Device in box shipped
to installation location
1
Ownership
Voucher (OV)
FDO
Manufacturing
tool
FDO Client, Credentials
path to RV server
a. FDO agent & FDO credentials
places in device.
b. Ownership Voucher (OV)
created
8
7
a. Mutual authentication
takes place
b. Secure channel is
established
c. Onboarding takes place
using FSIM’s
Device given network
connectivity and powers up
Target Cloud
🡨
Application
Data
/
Control
🡨
Cloud Managed,
Device data flows
FDO owner
5
Device contacts RV
and is re-directed to
Cloud
6
Rendezvous
server (RV)
4
Register OV
with
Rendezvous
Server
FDO Client &
credentials
2
Onboarding
Data
🡨
9
Copyright © Infineon Technologies AG 2024. All rights reserved.
restricted
04.2024
Standard TPM programming model
2. Distributor
1. TPMs shipped to OEM
1. OEM
1. Orders FDO TPMs from
Distributor
4. OEM
1. Creates OV with
manufacturing tool
2. Programs TPM and sends
OV to End User
3. Assembles Device with
TPM
4. Ships Device to installer
e.g. SI, end user etc.
3. End User
1. Orders FDO enabled
Devices
2. Provides their public key
to OEM
6. Installer
1. Installs devices
2. Runs FDO
3. Device onboards to End
User platform
5. End User
1. Registers OV with target
platform/RV server.
10
Copyright © Infineon Technologies AG 2024. All rights reserved.
restricted
04.2024
Pre-programmed TPM concept
• To simplify the OEM manufacturing flow, Infineon in conjunction with Avnet have
created a pre-programmed TPM concept for FDO.
• In this approach, Avnet would pre-program the TPMs with FDO credentials and
then ship the TPM to the OEM for installation.
• The Ownership Voucher (OV) can be stored in the TPM or can be sent as a
database file to the OEM
TPM
FDO credential
Ownership
Voucher
ODM board or final device
Pre-programmed TPMs
shipped to ODM or
OEM
TPM
FDO
credential
Ownership
Voucher
TPMs
Pre-programmed by
Avnet
OS with FDO
Client
OV is extracted, signed
and shipped
Avnet TPM personalization services
● The OPTIGATM TPM is a turnkey security solution
● Avnet offers an industry first custom programming service for security devices.
● This personalization service makes it easier for customers to integrate embedded
custom security into their products independent of their security experience or volumes.
12
Copyright © Infineon Technologies AG 2024. All rights reserved.
restricted
04.2024
TPM flow using embedded OV approach
2. Distributor
1. OV created and signed
with OEM key
2. TPM configured and
shipped to OEM with
embedded OV
1. OEM
1. Orders FDO enabled
TPMs from Distributor
2. Provides their public key
to Distributor
4. OEM
1. Extracts OV from TPM
2. Signs OV with End User
key and sends OV to End
User
3. Assembles Device
4. Ships Device to installer
e.g. SI, end user etc.
3. End User
1. Orders FDO enabled
Devices
2. Provides their public key
to OEM
6. Installer
1. Installs devices
2. Runs FDO
3. Device onboards to End
User platform
5. End User
1. Registers OV with target
platform/RV server.
13
Copyright © Infineon Technologies AG 2024. All rights reserved.
restricted
04.2024
TPM flow using OV database
2. Distributor
1. OV created and signed
with OEM key
2. TPM configured and
shipped to OEM
3. OVs signed and sent as a
database to OEM
1. OEM
1. Orders FDO enabled
TPMs from Distributor
2. Provides their public key
to Distributor
4. OEM
1. OV taken from database
2. Signs OVs with End User
key and sends OVs to
End User
3. Assembles Device
4. Ships Device to installer
e.g. SI, end user etc.
3. End User
1. Orders FDO enabled
Devices
2. Provides their public key
to OEM
6. Installer
1. Installs devices
2. Runs FDO
3. Device onboards to End
User platform
5. End User
1. Registers OV with target
platform/RV server.
14
Copyright © Infineon Technologies AG 2024. All rights reserved.
restricted
04.2024
Advantages of pre-programmed TPM
● Simplifies flow for OEMs
○ No need to sign OV in ‘real-time’ on production line
■ OVs are extracted and then can be signed off line
○ OEM does not need to integrate and run manufacturing tool as part of their manufacturing flow
○ Approach works well for low and higher volumes
● Supports non-embedded OV model
○ Distributor can send a database of signed OVs to the OEM which can then be signed over to
End User off line.
15
Copyright © Infineon Technologies AG 2024. All rights reserved.
restricted
04.2024
Summary
● OPTIGATM TPMs are a highly effective and secure way of storing FDO
credentials
● Infineon and Avnet have created a pre-programmed TPM concept for FDO
that they believe can simplify FDO adoption.
● OEM/ODM feedback on the concept is greatly welcomed
● A specification for TPM use with FDO, co-written by Infineon, is available on
the FIDO Alliance website.
○ https://fidoalliance.org/specs/FDO/securing-fdo-in-tpm-v1.0-rd-20231010/securing-fdo-in-tpm-
v1.0-rd-20231010.pdf
16
Copyright © Infineon Technologies AG 2024. All rights reserved.
restricted
04.2024
Infineon Security Partner Network (ISPN)
17

More Related Content

Similar to Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf

Webinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO AuthenticationWebinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO Authentication
FIDO Alliance
 
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
FIDO Alliance
 
HKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: IntroductionHKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: Introduction
Linaro
 
UNSPresentation
UNSPresentationUNSPresentation
UNSPresentation
John Tellis
 
Learnings of how to simplifying io t solutions and securing business value
Learnings of how to simplifying io t solutions and securing business valueLearnings of how to simplifying io t solutions and securing business value
Learnings of how to simplifying io t solutions and securing business value
Dan Mårtensson
 
Hydraulische Wiegesysteme
Hydraulische WiegesystemeHydraulische Wiegesysteme
Hydraulische Wiegesysteme
ZeljkoJurca
 
Brochure skidweigh Defender
Brochure skidweigh DefenderBrochure skidweigh Defender
Brochure skidweigh Defender
Ted Jurca
 
IBM Bluemix Paris Meetup #21-20170131 Meetup @Ingima - MangOH to AirVantage t...
IBM Bluemix Paris Meetup #21-20170131 Meetup @Ingima - MangOH to AirVantage t...IBM Bluemix Paris Meetup #21-20170131 Meetup @Ingima - MangOH to AirVantage t...
IBM Bluemix Paris Meetup #21-20170131 Meetup @Ingima - MangOH to AirVantage t...
IBM France Lab
 
Your CODESYS Applications, Protected and Licensed
Your CODESYS Applications, Protected and LicensedYour CODESYS Applications, Protected and Licensed
Your CODESYS Applications, Protected and Licensed
team-WIBU
 
FTNT_Icon-Library-External-June-2022.pptx
FTNT_Icon-Library-External-June-2022.pptxFTNT_Icon-Library-External-June-2022.pptx
FTNT_Icon-Library-External-June-2022.pptx
RicardoAndino9
 
OPC UA Inside Out Part 3 - Edge Devices
OPC UA Inside Out Part 3 - Edge DevicesOPC UA Inside Out Part 3 - Edge Devices
OPC UA Inside Out Part 3 - Edge Devices
Sadatulla Zishan
 
Secure Out Of Band Management - Comm Devices Inc.
Secure Out Of Band Management - Comm Devices Inc.Secure Out Of Band Management - Comm Devices Inc.
Secure Out Of Band Management - Comm Devices Inc.
Communication Devices Inc
 
Gadgeon profile
Gadgeon profileGadgeon profile
Gadgeon profile
SREERAJ NAIR
 
Profinet network design webinar - Peter Thomas may 2020 - v1.0
Profinet network design webinar - Peter Thomas   may 2020 - v1.0Profinet network design webinar - Peter Thomas   may 2020 - v1.0
Profinet network design webinar - Peter Thomas may 2020 - v1.0
PROFIBUS and PROFINET InternationaI - PI UK
 
NTT DOCOMO Deployment Case Study: Your Security, More Simple.
NTT DOCOMO Deployment Case Study: Your Security, More Simple.NTT DOCOMO Deployment Case Study: Your Security, More Simple.
NTT DOCOMO Deployment Case Study: Your Security, More Simple.
FIDO Alliance
 
“Your Security, More Simple.” by utilizing FIDO Authentication
“Your Security, More Simple.” by utilizing FIDO Authentication“Your Security, More Simple.” by utilizing FIDO Authentication
“Your Security, More Simple.” by utilizing FIDO Authentication
LINE Corporation
 
Enabling embedded security for the Internet of Things
Enabling embedded security for the Internet of ThingsEnabling embedded security for the Internet of Things
Enabling embedded security for the Internet of Things
team-WIBU
 
Forti Gate Virtual Appliances Sales 201010
Forti Gate Virtual Appliances Sales 201010Forti Gate Virtual Appliances Sales 201010
Forti Gate Virtual Appliances Sales 201010
Alvaro Roldan Peral
 
Visiongain publishes report on: The 100 connected car companies to watch
Visiongain publishes report on: The 100 connected car companies to watchVisiongain publishes report on: The 100 connected car companies to watch
Visiongain publishes report on: The 100 connected car companies to watch
Visiongain
 
The Future Mobile Security
The Future Mobile Security The Future Mobile Security
The Future Mobile Security
Qualcomm Developer Network
 

Similar to Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf (20)

Webinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO AuthenticationWebinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO Authentication
 
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
 
HKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: IntroductionHKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: Introduction
 
UNSPresentation
UNSPresentationUNSPresentation
UNSPresentation
 
Learnings of how to simplifying io t solutions and securing business value
Learnings of how to simplifying io t solutions and securing business valueLearnings of how to simplifying io t solutions and securing business value
Learnings of how to simplifying io t solutions and securing business value
 
Hydraulische Wiegesysteme
Hydraulische WiegesystemeHydraulische Wiegesysteme
Hydraulische Wiegesysteme
 
Brochure skidweigh Defender
Brochure skidweigh DefenderBrochure skidweigh Defender
Brochure skidweigh Defender
 
IBM Bluemix Paris Meetup #21-20170131 Meetup @Ingima - MangOH to AirVantage t...
IBM Bluemix Paris Meetup #21-20170131 Meetup @Ingima - MangOH to AirVantage t...IBM Bluemix Paris Meetup #21-20170131 Meetup @Ingima - MangOH to AirVantage t...
IBM Bluemix Paris Meetup #21-20170131 Meetup @Ingima - MangOH to AirVantage t...
 
Your CODESYS Applications, Protected and Licensed
Your CODESYS Applications, Protected and LicensedYour CODESYS Applications, Protected and Licensed
Your CODESYS Applications, Protected and Licensed
 
FTNT_Icon-Library-External-June-2022.pptx
FTNT_Icon-Library-External-June-2022.pptxFTNT_Icon-Library-External-June-2022.pptx
FTNT_Icon-Library-External-June-2022.pptx
 
OPC UA Inside Out Part 3 - Edge Devices
OPC UA Inside Out Part 3 - Edge DevicesOPC UA Inside Out Part 3 - Edge Devices
OPC UA Inside Out Part 3 - Edge Devices
 
Secure Out Of Band Management - Comm Devices Inc.
Secure Out Of Band Management - Comm Devices Inc.Secure Out Of Band Management - Comm Devices Inc.
Secure Out Of Band Management - Comm Devices Inc.
 
Gadgeon profile
Gadgeon profileGadgeon profile
Gadgeon profile
 
Profinet network design webinar - Peter Thomas may 2020 - v1.0
Profinet network design webinar - Peter Thomas   may 2020 - v1.0Profinet network design webinar - Peter Thomas   may 2020 - v1.0
Profinet network design webinar - Peter Thomas may 2020 - v1.0
 
NTT DOCOMO Deployment Case Study: Your Security, More Simple.
NTT DOCOMO Deployment Case Study: Your Security, More Simple.NTT DOCOMO Deployment Case Study: Your Security, More Simple.
NTT DOCOMO Deployment Case Study: Your Security, More Simple.
 
“Your Security, More Simple.” by utilizing FIDO Authentication
“Your Security, More Simple.” by utilizing FIDO Authentication“Your Security, More Simple.” by utilizing FIDO Authentication
“Your Security, More Simple.” by utilizing FIDO Authentication
 
Enabling embedded security for the Internet of Things
Enabling embedded security for the Internet of ThingsEnabling embedded security for the Internet of Things
Enabling embedded security for the Internet of Things
 
Forti Gate Virtual Appliances Sales 201010
Forti Gate Virtual Appliances Sales 201010Forti Gate Virtual Appliances Sales 201010
Forti Gate Virtual Appliances Sales 201010
 
Visiongain publishes report on: The 100 connected car companies to watch
Visiongain publishes report on: The 100 connected car companies to watchVisiongain publishes report on: The 100 connected car companies to watch
Visiongain publishes report on: The 100 connected car companies to watch
 
The Future Mobile Security
The Future Mobile Security The Future Mobile Security
The Future Mobile Security
 

More from FIDO Alliance

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdf
FIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdfFIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdf
FIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdf
FIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdfFIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdf
FIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: CloudGate.pdf
FIDO Alliance Osaka Seminar: CloudGate.pdfFIDO Alliance Osaka Seminar: CloudGate.pdf
FIDO Alliance Osaka Seminar: CloudGate.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdf
FIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdfFIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdf
FIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: Welcome Slides.pdf
FIDO Alliance Osaka Seminar: Welcome Slides.pdfFIDO Alliance Osaka Seminar: Welcome Slides.pdf
FIDO Alliance Osaka Seminar: Welcome Slides.pdf
FIDO Alliance
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FIDO Alliance
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
FIDO Alliance
 
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfHow Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
FIDO Alliance
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
FIDO Alliance
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
FIDO Alliance
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
FIDO Alliance
 
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfLinux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
FIDO Alliance
 
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfThe Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
FIDO Alliance
 
ADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptxADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptx
FIDO Alliance
 
Design Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptxDesign Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptx
FIDO Alliance
 

More from FIDO Alliance (20)

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
FIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdf
FIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdfFIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdf
FIDO Alliance Osaka Seminar: LY-DOCOMO-KDDI-Mercari Panel.pdf
 
FIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdf
FIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdfFIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdf
FIDO Alliance Osaka Seminar: NEC & Yubico Panel.pdf
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
FIDO Alliance Osaka Seminar: CloudGate.pdf
FIDO Alliance Osaka Seminar: CloudGate.pdfFIDO Alliance Osaka Seminar: CloudGate.pdf
FIDO Alliance Osaka Seminar: CloudGate.pdf
 
FIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdf
FIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdfFIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdf
FIDO Alliance Osaka Seminar: PlayStation Passkey Deployment Case Study.pdf
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
FIDO Alliance Osaka Seminar: Welcome Slides.pdf
FIDO Alliance Osaka Seminar: Welcome Slides.pdfFIDO Alliance Osaka Seminar: Welcome Slides.pdf
FIDO Alliance Osaka Seminar: Welcome Slides.pdf
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
 
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfHow Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
 
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfLinux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
 
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfThe Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
 
ADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptxADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptx
 
Design Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptxDesign Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptx
 

Recently uploaded

How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
Daiki Mogmet Ito
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
Claudio Di Ciccio
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
名前 です男
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
Mariano Tinti
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
akankshawande
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
Wouter Lemaire
 
CAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on BlockchainCAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on Blockchain
Claudio Di Ciccio
 
Things to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUUThings to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUU
FODUU
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
Zilliz
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
panagenda
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
DianaGray10
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
Alpen-Adria-Universität
 
Infrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI modelsInfrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI models
Zilliz
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
Brandon Minnick, MBA
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Speck&Tech
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 

Recently uploaded (20)

How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
 
CAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on BlockchainCAKE: Sharing Slices of Confidential Data on Blockchain
CAKE: Sharing Slices of Confidential Data on Blockchain
 
Things to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUUThings to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUU
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 
Infrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI modelsInfrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI models
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 

Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf

  • 1. 1 restricted Liam Cheng April 2024 Simplified FDO manufacturing flow with TPMs
  • 2. 2 Copyright © Infineon Technologies AG 2024. All rights reserved. restricted 04.2024 Infineon is a global leader in power systems and IoT 2 Market position Automotive #1 TechInsights, March 2023 1 As of 30 September 2023 Power #1 Omdia, September 2023 Security #1 ABI Research, October 2023 employees1 ~58,600 in automotive, power management, energy efficient technologies and IoT Global leader
  • 3. 3 Copyright © Infineon Technologies AG 2024. All rights reserved. restricted 04.2024 We build trust in a connected world Security controller Security controller, sofware & host software Security controller, software & host software OPTIGA TPM OPTIGA TPM OPTIGA Trust eSIM V2X Security controller & software OPTIGA Authenticate Seamless secured transactions Verifying identities Securing the IoT Fighting Counterfeits
  • 4. 4 Copyright © Infineon Technologies AG 2024. All rights reserved. restricted 04.2024 The Trusted Platform Module (TPM) “The safe for your platform” › Reduced implementation costs › Minimized integration risk › Proven security › Tamper-resistant hardware › Key and authentication protect › Used in computing for over 20 years › Widely adopted by new use cases › Security of hardware and software independently evaluated Security chip standardized by Trusted Computing Group (TCG) Widely used in board applications Designed to resist logical and physical attacks Certified by third-party (Common Criteria/ FIPS) TPM “The for your platform"
  • 5. 5 Copyright © Infineon Technologies AG 2024. All rights reserved. restricted 04.2024 Laptop Server Network Interface Card Switches Firewall 5G access point Storage area network Enterprise router Google Mesh Router Surveillance Camera EV Charging Station Printer IoT gateway Wireless Access point Fleet management Existing products with OPTIGA TPM 2.0
  • 6. 6 Copyright © Infineon Technologies AG 2024. All rights reserved. restricted 04.2024 ‒ TPM, a hardware module that provides secure credential storage and trusted implementations of cryptography, combines well with FDO. ‒ TPMs can store credentials for FDO securely, and it provides the basic asymmetric cryptography for FDO’s authentication. ‒ FDO, in turn, can work with TPMs to provision application keys and certificates into TPM, allowing customers to have private key materials with chains of trust matching their organizational requirements. ‒ TPMs can potentially also be used to store FDO factory credentials, allowing devices to adopt FDO without a change to the manufacturing line. TPM and FDO https://fidoalliance.org/wp-content/uploads/2022/12/IoT-Application- Provisioning-for-Security-Using-FDO-and-TPM-White-Paper.pdf
  • 7. 7 Copyright © Infineon Technologies AG 2024. All rights reserved. restricted 04.2024 Specification for FDO credential storage in a TPM https://fidoalliance.org/specs/FDO/securing-fdo-in-tpm-v1.0-rd-20231010/securing-fdo-in-tpm-v1.0-rd-20231010.pdf
  • 8. 8 Copyright © Infineon Technologies AG 2024. All rights reserved. restricted 04.2024 How FDO works Device Manufacturer 3 Load Ownership Voucher (OV) to Cloud Device in box shipped to installation location 1 Ownership Voucher (OV) FDO Manufacturing tool FDO Client, Credentials path to RV server a. FDO agent & FDO credentials places in device. b. Ownership Voucher (OV) created 8 7 a. Mutual authentication takes place b. Secure channel is established c. Onboarding takes place using FSIM’s Device given network connectivity and powers up Target Cloud 🡨 Application Data / Control 🡨 Cloud Managed, Device data flows FDO owner 5 Device contacts RV and is re-directed to Cloud 6 Rendezvous server (RV) 4 Register OV with Rendezvous Server FDO Client & credentials 2 Onboarding Data 🡨
  • 9. 9 Copyright © Infineon Technologies AG 2024. All rights reserved. restricted 04.2024 Standard TPM programming model 2. Distributor 1. TPMs shipped to OEM 1. OEM 1. Orders FDO TPMs from Distributor 4. OEM 1. Creates OV with manufacturing tool 2. Programs TPM and sends OV to End User 3. Assembles Device with TPM 4. Ships Device to installer e.g. SI, end user etc. 3. End User 1. Orders FDO enabled Devices 2. Provides their public key to OEM 6. Installer 1. Installs devices 2. Runs FDO 3. Device onboards to End User platform 5. End User 1. Registers OV with target platform/RV server.
  • 10. 10 Copyright © Infineon Technologies AG 2024. All rights reserved. restricted 04.2024 Pre-programmed TPM concept • To simplify the OEM manufacturing flow, Infineon in conjunction with Avnet have created a pre-programmed TPM concept for FDO. • In this approach, Avnet would pre-program the TPMs with FDO credentials and then ship the TPM to the OEM for installation. • The Ownership Voucher (OV) can be stored in the TPM or can be sent as a database file to the OEM TPM FDO credential Ownership Voucher ODM board or final device Pre-programmed TPMs shipped to ODM or OEM TPM FDO credential Ownership Voucher TPMs Pre-programmed by Avnet OS with FDO Client OV is extracted, signed and shipped
  • 11. Avnet TPM personalization services ● The OPTIGATM TPM is a turnkey security solution ● Avnet offers an industry first custom programming service for security devices. ● This personalization service makes it easier for customers to integrate embedded custom security into their products independent of their security experience or volumes.
  • 12. 12 Copyright © Infineon Technologies AG 2024. All rights reserved. restricted 04.2024 TPM flow using embedded OV approach 2. Distributor 1. OV created and signed with OEM key 2. TPM configured and shipped to OEM with embedded OV 1. OEM 1. Orders FDO enabled TPMs from Distributor 2. Provides their public key to Distributor 4. OEM 1. Extracts OV from TPM 2. Signs OV with End User key and sends OV to End User 3. Assembles Device 4. Ships Device to installer e.g. SI, end user etc. 3. End User 1. Orders FDO enabled Devices 2. Provides their public key to OEM 6. Installer 1. Installs devices 2. Runs FDO 3. Device onboards to End User platform 5. End User 1. Registers OV with target platform/RV server.
  • 13. 13 Copyright © Infineon Technologies AG 2024. All rights reserved. restricted 04.2024 TPM flow using OV database 2. Distributor 1. OV created and signed with OEM key 2. TPM configured and shipped to OEM 3. OVs signed and sent as a database to OEM 1. OEM 1. Orders FDO enabled TPMs from Distributor 2. Provides their public key to Distributor 4. OEM 1. OV taken from database 2. Signs OVs with End User key and sends OVs to End User 3. Assembles Device 4. Ships Device to installer e.g. SI, end user etc. 3. End User 1. Orders FDO enabled Devices 2. Provides their public key to OEM 6. Installer 1. Installs devices 2. Runs FDO 3. Device onboards to End User platform 5. End User 1. Registers OV with target platform/RV server.
  • 14. 14 Copyright © Infineon Technologies AG 2024. All rights reserved. restricted 04.2024 Advantages of pre-programmed TPM ● Simplifies flow for OEMs ○ No need to sign OV in ‘real-time’ on production line ■ OVs are extracted and then can be signed off line ○ OEM does not need to integrate and run manufacturing tool as part of their manufacturing flow ○ Approach works well for low and higher volumes ● Supports non-embedded OV model ○ Distributor can send a database of signed OVs to the OEM which can then be signed over to End User off line.
  • 15. 15 Copyright © Infineon Technologies AG 2024. All rights reserved. restricted 04.2024 Summary ● OPTIGATM TPMs are a highly effective and secure way of storing FDO credentials ● Infineon and Avnet have created a pre-programmed TPM concept for FDO that they believe can simplify FDO adoption. ● OEM/ODM feedback on the concept is greatly welcomed ● A specification for TPM use with FDO, co-written by Infineon, is available on the FIDO Alliance website. ○ https://fidoalliance.org/specs/FDO/securing-fdo-in-tpm-v1.0-rd-20231010/securing-fdo-in-tpm- v1.0-rd-20231010.pdf
  • 16. 16 Copyright © Infineon Technologies AG 2024. All rights reserved. restricted 04.2024 Infineon Security Partner Network (ISPN)
  • 17. 17