What does "factory default" mean regarding UEFI keys stored in a TPM, in a PC built from scratch?

Solution 1:

It sounds like you're not initializing BitLocker at all – these keys are for Secure Boot only, i.e. the PK/KEK/db/dbx variables. The default set configures Secure Boot to allow only operating systems signed by Microsoft (and sometimes by Canonical Ltd.), plus drivers signed by the PC manufacturer.

Secure Boot variables only store public certificates, not private keys, and they are not used for encrypting any data (only verifying signatures). Some firmwares might store them in the TPM-provided NVRAM in order to satisfy the "tamper-resistant" requirement that's in the spec, but other than that, these keys have nothing to do with TPMs.

Shouldn't I generate my own keys? 2b. If I initialize BitLocker using these factory default keys, does that mean I'm using Infineon (TPM manufacturer) private keys?

TPM 2.0 has "user generated" and "factory default" as two separate worlds (aka key hierarchies) – it is not a toggle switch between the two, but each is used for a different purpose:

  • The "Owner" root key is used to encrypt further keys (including sealing the BitLocker volume key). It is always generated fresh when the user performs the "Take ownership" step. Windows does this step automatically at boot time (Is Initialized: True) and if you clear the TPM then Windows will generate a new key again.

    Certain operations on the "Owner" root key are password-protected (e.g. Windows generates a random password and throws it away). For that reason, initializing the Owner hierarchy is left to the OS – without knowing the password, the firmware can only clear it.

  • The "Endorsement" root key is used to sign attestation certificates (i.e. proofs that a real genuine Infineon TPM is performing the operation). It is factory-set and essentially read-only. BitLocker does not use this key.

  • There is also a "Platform" hierarchy that is used by the firmware itself. Your firmware might use it to store Secure Boot variables within the TPM's NVRAM. I believe HP laptops also store the firmware "setup" password this way.

If you're given a choice between "custom" and "factory default" keys, then it's most likely for Secure Boot, not for the TPM.


(Should you generate your own Secure Boot keys? Probably not. Doing so won't give you additional security for BitLocker or when booting Windows in general. But it can be useful for implementing BitLocker-alike systems on Linux.)
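As an added example (not part of the answer above): the PK/KEK/db/dbx variables it mentions hold public certificates and hashes in the UEFI EFI_SIGNATURE_LIST format, never private keys. This Python parser walks that format so you can check which signers are actually enrolled in a variable; the sample db blob and its owner GUID are constructed for the demonstration.

```python
import struct
import uuid

# Signature-type GUIDs from the UEFI spec (EFI_SIGNATURE_LIST.SignatureType).
EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")
EFI_CERT_SHA256_GUID = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")
SIG_TYPE_NAMES = {EFI_CERT_X509_GUID: "x509", EFI_CERT_SHA256_GUID: "sha256"}
# SignatureType, SignatureListSize, SignatureHeaderSize, SignatureSize
HEADER_FMT = "<16sIII"
HEADER_LEN = struct.calcsize(HEADER_FMT)  # 28 bytes


def parse_signature_lists(blob):
    """Walk concatenated EFI_SIGNATURE_LIST structures (the raw value of PK, KEK,
    db or dbx) and return one dict per EFI_SIGNATURE_DATA entry they contain."""
    entries, off = [], 0
    while off < len(blob):
        if len(blob) - off < HEADER_LEN:
            raise ValueError("truncated EFI_SIGNATURE_LIST header at offset %d" % off)
        raw_type, list_size, hdr_size, sig_size = struct.unpack_from(HEADER_FMT, blob, off)
        sig_type = uuid.UUID(bytes_le=raw_type)  # GUIDs are stored mixed-endian
        if list_size < HEADER_LEN + hdr_size or off + list_size > len(blob):
            raise ValueError("bad SignatureListSize at offset %d" % off)
        body = blob[off + HEADER_LEN + hdr_size:off + list_size]
        # Each entry is a 16-byte SignatureOwner GUID followed by SignatureSize-16 data bytes.
        if sig_size < 16 or len(body) % sig_size:
            raise ValueError("bad SignatureSize at offset %d" % off)
        for i in range(0, len(body), sig_size):
            entries.append({
                "type": SIG_TYPE_NAMES.get(sig_type, str(sig_type)),
                "owner": str(uuid.UUID(bytes_le=body[i:i + 16])),
                "data": body[i + 16:i + sig_size],
            })
        off += list_size
    return entries


def build_signature_list(sig_type, owner, items):
    """Encode one EFI_SIGNATURE_LIST with an empty SignatureHeader; used here to
    construct the sample input. All items in one list must have the same length."""
    sig_size = 16 + len(items[0])
    body = b"".join(owner.bytes_le + item for item in items)
    return struct.pack(HEADER_FMT, sig_type.bytes_le, HEADER_LEN + len(body), 0, sig_size) + body


# Constructed sample "db": one X.509 entry (placeholder bytes standing in for a DER
# certificate) followed by a list of two SHA-256 hashes. The owner GUID is made up.
SAMPLE_OWNER = uuid.UUID("11111111-2222-3333-4444-555555555555")
SAMPLE_DB = (build_signature_list(EFI_CERT_X509_GUID, SAMPLE_OWNER, [b"\x30\x82" + b"\x00" * 62])
             + build_signature_list(EFI_CERT_SHA256_GUID, SAMPLE_OWNER, [b"\x01" * 32, b"\x02" * 32]))
```

On Linux the real variables can be read from /sys/firmware/efi/efivars/ (for example db-d719b2cb-3d3a-4596-a3bc-dad00e67656f); strip the leading 4-byte attribute word before passing the bytes to parse_signature_lists, and for x509 entries feed the data field to an X.509 parser to see the issuer.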