Re: [PATCH v5 4/6] security: keys: trusted: use ASN.1 TPM2 key format for the blobs


 



On 2/27/2020 3:57 PM, James Prestwood wrote:
> I am learning lots from this discussion, so thank you. I had assumed
> that the parent key crypto had to match the child key, RSA vs EC, but
> sounds like that is not the case. And yes, this sounds like a much
> better way to go now that I have a bit more info on it.

I know this is old. Just FYI:

The TPM WG debated this for a while, but decided that the TPM should not
enforce parent / child algorithm matching. It's for the application to decide.

I also note that parent keys wrap their child keys using a symmetric
key, typically AES, not an RSA or ECC key. The load time would be the
same for an ECC or RSA parent, because it's not using the asymmetric
key.

This is different from TPM 1.2, which always uses parent RSA wrapping.

The asymmetric key is used for:

1 - import (key backup, using externally generated keys)
2 - Salted sessions

While both are useful, they're not typically used in a
critical path.
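
Added example, not part of the original message or of the kernel patch: a Python sketch of how a TPM 2.0 storage parent derives the symmetric and HMAC keys that protect a child blob, using KDFa over the parent's seed as described in the TPM 2.0 Library Specification, Part 1. The seed and Name bytes and the helper names are constructed for illustration; note that the parent's RSA or ECC key is never an input.

```python
import hashlib
import hmac
import struct


def kdfa(hash_name, key, label, context_u, context_v, bits):
    """KDFa: SP 800-108 counter-mode KDF over HMAC, as used by TPM 2.0.

    Each block is HMAC(key, counter || label || 0x00 || contextU ||
    contextV || bits), with counter and bits as 32-bit big-endian.
    This sketch only handles bit lengths that are multiples of 8.
    """
    nbytes = bits // 8
    out = b""
    counter = 1
    while len(out) < nbytes:
        msg = (struct.pack(">I", counter) + label + b"\x00"
               + context_u + context_v + struct.pack(">I", bits))
        out += hmac.new(key, msg, hash_name).digest()
        counter += 1
    return out[:nbytes]


def child_protection_keys(parent_seed, child_name,
                          name_alg="sha256", sym_bits=128):
    """Derive the keys a parent uses to wrap a child's sensitive area.

    Inputs are the parent's secret seedValue and the child's Name only;
    the parent's asymmetric key type plays no part in this path.
    """
    sym_key = kdfa(name_alg, parent_seed, b"STORAGE",
                   child_name, b"", sym_bits)
    hmac_bits = hashlib.new(name_alg).digest_size * 8
    hmac_key = kdfa(name_alg, parent_seed, b"INTEGRITY", b"", b"", hmac_bits)
    return sym_key, hmac_key


# Constructed sample values (not real TPM data). The 0x000b prefix is
# TPM_ALG_SHA256, followed by a stand-in 32-byte digest.
SAMPLE_SEED = bytes(range(32))
SAMPLE_NAME = b"\x00\x0b" + hashlib.sha256(b"constructed child").digest()

if __name__ == "__main__":
    sym, mac = child_protection_keys(SAMPLE_SEED, SAMPLE_NAME)
    print("AES-128 wrapping key:", sym.hex())
    print("HMAC integrity key:  ", mac.hex())
```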






