New computing specification secures sensitive information while enhancing device performance

Date Published: January 12, 2025

Sensitive data and device operations can now be kept safe in a more secure environment, thanks to the new specification launched by the Trusted Computing Group (TCG).

Previously, the majority of major security measures were handled by a device’s firmware unless a Trusted Platform Module (TPM) was present. This included the generation and handling of cryptographic keys, which could also impact device performance. Now, the DICE Protection Environment (DPE) specification ensures these tasks are isolated from the firmware, which no longer needs to be trusted to carry out sensitive DICE operations.

“DICE DPE marks an exciting development for TCG,” said Chairman of the DICE Work Group, Dennis Mattoon. “For devices without a TPM, it provides essential isolation and protection guarantees, meaning the handling of secrets can be carried out quickly and more securely.”

The specification has also been designed to reduce code size and improve interoperability between DICE implementations. For vendors who want to adopt the specification but lack a detailed understanding of the requirements for their devices, it can help reduce implementation errors and leave fewer vulnerabilities for attackers to exploit.

“We want to reduce the barrier to entry for organizations wanting to adopt a strong hardware Root of Trust (RoT) for their devices,” continued Mattoon. “Yet DICE DPE also gives experienced silicon vendors the means to design and market new DICE IP blocks. Integration is made easier for everyone with this specification.”

DICE DPE is already being used in a number of high-profile solutions, including the Open Compute Project’s Caliptra RoT. An open-source standard created to secure computer hardware in the data centre, Caliptra uses the specification to derive a DICE identity for entities within the System on a Chip (SoC). This integration provides the SoC with capabilities such as measured boot and attestation.

More information on the specification can be found on the TCG website.

-ENDS-

More to explore
For more information about the specification, visit https://trustedcomputinggroup.org/wp-content/uploads/TCG-DICE-Protection-Environment-Specification_14february2023-1.pdf

Trade media
Proactive International PR

Trusted Computing Group
TCG is a not-for-profit organization formed to develop, define and promote open, vendor-neutral, global industry specifications and standards, supportive of a hardware-based root of trust, for interoperable trusted computing platforms. More information is available at the TCG website, www.trustedcomputinggroup.org. The organization offers a number of resources for developers and designers at https://develop.trustedcomputinggroup.org/.
