About

Vision
FutureTPM will provide a new generation of TPM-based solutions, incorporating robust and formally verified quantum-resistant (QR) cryptographic primitives.

The goal is to enable a smooth transition from current TPM environments, based on existing widely used and standardised cryptographic techniques, to systems providing enhanced security through QR cryptographic functions, including secure authentication, encryption and signing functions. By designing an innovative portfolio of high-security QR algorithms for primitives such as Key Agreement, Encryption, Signature, Cryptographic Hashing, Message Authentication Code (MAC) Functions, and Direct Anonymous Attestation (DAA), FutureTPM will fill the gaps that currently threaten its long-term security properties. This will enable FutureTPM systems to generate a secure root of trust that can be used for interacting with Cloud services, accessing corporate services, performing banking and eCommerce transactions, along with a wide range of other services.



Goals

Secure Quantum-Resistant Cryptographic Algorithms for the TPM
Implementation of Hardware, Software, and Virtual TPM
Standardization within TCG, ISO/IEC and ETSI
Provision of Run-Time Risk Assessment and Vulnerability Analysis Methodologies
Design Validation using Formal Security Analysis



Use Cases

FutureTPM aims to prove and validate the applicability, usability, effectiveness and value of the QR TPM concepts, models and algorithms in real-world settings, including industry and commerce, which may be affected by the advent of quantum computing. This will be achieved by examining their application to the following predefined set of use cases:

  • Online banking
    to isolate the e-payment process in a more protected context so as to provide enhanced security levels against unintentional data leakage and malicious apps;
  • Activity tracking
    to increase the trust of users of cloud-based activity tracking services in the security and privacy properties of their stored and utilised data;
  • Device management
    to help protect private keys stored on routers, mobile devices, and IoT devices against compromise or misuse by malicious applications.