ML-DSA and ML-KEM Support for TPM 2.0 Library Specification v1.85
Quantum-Safe TPM Operations Are on the Way
wolfSSL is excited to announce that post-quantum cryptography (PQC) support is coming to wolfTPM. wolfTPM will be among the first TPM 2.0 libraries to implement the newly-published TCG TPM 2.0 Library Specification v1.85, which adds the NIST-standardized post-quantum […]
Category: wolfTPM
wolfTPM Firmware TPM (fwTPM) Post-Quantum Release: Portable Software TPM 2.0 with ML-DSA and ML-KEM Support
Post-Quantum Firmware TPM Is Here
wolfTPM’s firmware TPM (fwTPM) is available with post-quantum cryptography support added through the TCG TPM 2.0 Library Specification v1.85. fwTPM is wolfSSL’s portable software TPM 2.0 implementation, built on wolfCrypt and intended for products that need a TPM 2.0 interface without a discrete TPM chip. The post-quantum work merged in […]
TPM 2.0 Sealing Policies with wolfTPM: PCR Policies, Policy Authorize, and NV Storage for TPM 2.0 Secrets
Background: TPM 2.0 Sealing and PCR Policies
TPM 2.0 sealing binds a secret to a set of Platform Configuration Register (PCR) values. The TPM will only release the secret when the current PCR state matches what was recorded at seal time. This is the foundation for measured boot, disk encryption key protection, and platform attestation. […]
The First Firmware TPM with Post-Quantum Cryptography
ML-DSA and ML-KEM for Software TPM 2.0 on Embedded Targets
A First in Embedded Security: Post-Quantum Firmware TPM
wolfSSL is excited to announce that our firmware TPM (fTPM), a software TPM 2.0 implementation built on wolfCrypt, will be among the first firmware TPMs with post-quantum cryptography support, implementing the new TCG TPM 2.0 Library Specification […]
Did you know that you can run an fTPM in ARM TrustZone?
wolfTPM now has an integrated fTPM (firmware TPM) implementation built for the purpose of running within TrustZone for maximizing security! Why run an fTPM? Late breaking requirements come in to add a TPM to the design, but you didn’t include a hardware TPM on your board. You ship in high volumes and want TPM quality […]
Announcing wolfTPM v4.0.0
wolfTPM v4.0.0 is our largest release to date. It delivers three headline capabilities: Firmware TPM (fwTPM) – a portable TPM 2.0 built on wolfCrypt. SPDM Secured Transport – encrypted host-to-TPM communication. ST33 TPM 2.0 Firmware Update – new update tool for STMicro ST33KTPM2X. All three are powered by the same wolfCrypt engine trusted in FIPS […]
Hardware-Backed Security Using wolfTPM with SPDM
Encrypted Bus Transfers, Multi-Vendor TPM Support, and TCG SPDM Binding
Your Secrets Are on the Wire
The Problem
Discrete TPM chips talk to the host CPU over physical buses: SPI, I2C, or LPC. By default, this communication is unencrypted. Security researchers have repeatedly demonstrated that an attacker with brief physical access can tap these buses […]
wolfTPM SPDM vs The Field
The Only SPDM Implementation with Hardware TPM Support
A Different Category
wolfTPM’s SPDM implementation is not a standalone SPDM library. It is SPDM integrated directly with hardware TPMs, a category that no other open-source project occupies. wolfTPM works hand-in-hand with Nuvoton and NSING to deliver SPDM on real hardware, with full TCG SPDM binding, PSK […]
Announcing SPDM Support in wolfTPM
Lightweight Device Authentication for Nuvoton and NSING TPMs
Device Attestation and Authentication Are No Longer Optional
From data center accelerators to automotive ECUs, the industry is moving toward verifying every component on every bus. Today, wolfSSL is proud to announce SPDM support in wolfTPM, enabling secure device authentication and attestation for Nuvoton NPCT75x and NSING […]
wolfTPM: Hardware SPI and TPM 2.0 Firmware Update Support for U-Boot
Secure boot architectures require more than just the presence of a TPM; they require a high-performance communication interface and a mechanism for lifecycle management. wolfSSL has updated wolfTPM and U-Boot to support native Hardware SPI communication and direct TPM 2.0 firmware updates for the Raspberry Pi 4. These changes move away from generic software-based implementations, […]
