Hardware Reference
In-Depth Information
Chapter 4. Protecting GPG Keys with a
Trusted Platform Module
After our investigation into BBB hardware security, we'll now use that technology to pro-
tect your personal encryption keys for the popular GPG software. GPG is a free implement-
ation of the OpenPGP standard. This standard was developed based on the work of Philip
Zimmerman and his
Pretty Good Privacy
(
PGP
) software. PGP has a complex socio-
political backstory, which we'll briefly cover before getting into the project. For the project,
we'll treat the BBB as a separate cryptographic co-processor and use the CryptoCape, with
a keypad code entry device, to protect our GPG keys when they are not in use.
Specifically, we will do the following:
• Tell you a little about the history and importance of the PGP software
• Perform basic threat modeling to analyze your project
• Create a strong PGP key using the free GPG software
• Teach you to use the TPM to protect encryption keys
