Nature Green • Bone White

Intel PTT as an Inverse Attribution Witness

Use your CPU's fused TPM (Intel Platform Trust Technology) to create non-transferable, hardware-bound signatures. Publish proof today, reveal identity later — without ever exporting a private key.

TPM 2.0 Windows 10/11 WSL2 + tpm2-tools No keys leave TPM

Overview

Inverse attribution flips the normal flow: you sign content with a TPM-resident Attestation Key (AK) bound to your unique Endorsement Key (EK). You publish only the AK, signature, and a hash of the EK. Months later, you can prove the same physical Intel PTT signed it by revealing the EK certificate chain.

Why PTT? Intel PTT is a firmware TPM built into the chipset. The EK is burned at manufacture and cannot be cloned. The AK private key never leaves the TPM boundary. This gives you a hardware pseudonym.

You Publish Now

  • Content hash (SHA-256)
  • AK public key (base64)
  • Signature over content
  • SHA-256( EK pub ) — fingerprint only

You Reveal Later

  • Full EK public + certificate
  • TPM cert chain to Intel
  • Proof AK was created by that EK
  • Links prior anonymous posts to you

Threat Model

PropertyPTT ProvidesDoes Not Provide
Hardware bindingYes — EK is unique per CPU-
Key extraction resistanceYes — private keys non-exportableDoesn't stop physical chip decap
AnonymityYes — if you only publish EK hashOS telemetry may correlate
TimestampingNo — use external timestampTPM clock is local

1. Setup

  1. Enable Intel PTT in BIOS. Advanced → Security → PTT / Intel Platform Trust Technology → Enabled. Clear TPM if switching from discrete TPM.
  2. Verify in Windows PowerShell (Admin).
PowerShell
# Check TPM is present and ready
Get-Tpm

# Confirm manufacturer = INTC (Intel)
Get-Tpm | Select-Object TpmPresent,TpmReady,TpmEnabled,ManufacturerIdTxt,ManufacturerVersion

# Optional: export EK public (Windows format)
(Get-TpmEndorsementKeyInfo -HashAlgorithm Sha256).PublicKey | Out-File -Encoding ascii $env:USERPROFILE\Desktop\ek_pub_b64.txt
Example Output
TpmPresent          : True
TpmReady            : True
TpmEnabled          : True
ManufacturerIdTxt   : INTC
ManufacturerVersion : 303.14.0.0
  1. Install WSL2 + tpm2-tools. Recent WSL2 kernels expose /dev/tpm0 and /dev/tpmrm0.
WSL2 Ubuntu bash
# Update and install
sudo apt update && sudo apt install -y tpm2-tools

# Verify TPM device
sudo tpm2_pcrread sha256:0,1,2,3,7

# Check PTT is available
sudo tpm2_getcap properties-fixed | grep -i manufacturer
Example Output
TPM2_PT_MANUFACTURER: 0x494E5443
  value: "INTC"
WSL2 Note: If /dev/tpm0 missing, update WSL: in PowerShell run wsl --update and ensure Windows 11 22H2+. Then reboot.

2. Generate EK and AK

The EK is your root identity. The AK is a restricted signing key certified by the EK. We create persistent handles so they survive reboots.

WSL2 bash — Create EK (RSA 2048, persistent 0x81010001)
# Create primary EK, save public
sudo tpm2_createek -c 0x81010001 -G rsa -u ek.pub -f pem

# Fingerprint for witness (publish this, not the full key)
sha256sum ek.pub | awk '{print $1}' > ek_fingerprint.txt
cat ek_fingerprint.txt
WSL2 bash — Create AK bound to EK
# Create Attestation Key, persistent context
sudo tpm2_createak -C 0x81010001 -c ak.ctx -G rsa -g sha256 -s rsassa -u ak.pub -f pem -n ak.name

# Export AK public for distribution
base64 -w0 ak.pub > ak.pub.b64

# Prove AK is bound to EK (for later reveal)
sudo tpm2_readpublic -c ak.ctx -o ak.out -f pem -n ak.name
cat ak.name | xxd -p -c 100 > ak.name.hex
Example Output
ek_fingerprint.txt:
7f3a1c9e8b2d4f1a6c0e5d9b8a7c6f5e4d3c2b1a0f9e8d7c6b5a4f3e2d1c0b9a

ak.pub.b64 (truncated):
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw...==
Keep ak.ctx in ~/.tpm/. Never export EK private — it cannot be exported anyway. Back up ek.pub, ak.pub, and ek_fingerprint.txt.

3. Sign File

Sign a canonical UTF-8 file. TPM signs the SHA-256 digest internally.

WSL2 bash — Prepare and sign
# Create witness content (example: Mythos beacon draft)
cat > message.txt << 'EOF'
MYTHOS DRAFT 2025-12-19T03:14:00Z
claim: inverse-attribution-demo
nonce: 7f3a1c
EOF

# TPM signs via digest (produces ticket for verification)
tpm2_hash -C e -g sha256 -o digest.bin -t ticket.bin message.txt
tpm2_sign -c ak.ctx -g sha256 -d -o sig.bin -t ticket.bin digest.bin

# Export portable formats
base64 -w0 sig.bin > sig.b64
sha256sum message.txt
PowerShell alternative (Windows native, no WSL)
# Sign using Windows NCrypt (AK must be loaded via TBS)
# Requires tpm2-tss engine or use tpm2-tools in WSL. Recommended: use WSL for reproducibility.
Example Output
sha256sum message.txt:
d2a8c7f4e1b9a6c5d4e3f2a1b0c9d8e7f6a5b4c3d2e1f0a9b8c7d6e5f4a3b2c1  message.txt

sig.b64 (truncated):
nXk9f3a+Qm2vT...A9vL==

4. Verify Signature

Anyone with your AK public can verify. Full TPM verification also checks the ticket.

WSL2 bash — Verify with tpm2-tools
# Verify signature and ticket
tpm2_verifysignature -c ak.pub -g sha256 -m message.txt -s sig.bin -t ticket.bin
OpenSSL (portable, no TPM needed)
# Verify with standard tools
openssl dgst -sha256 -verify ak.pub -signature sig.bin message.txt && echo "VALID"
Example Output
Verified
VALID
Inverse attribution check (later): When you reveal, provide ek.pub, EK certificate from Get-TpmEndorsementKeyInfo, and ak.name. Verifier runs tpm2_checkquote or tpm2_certify to prove AK was created by that EK.

5. Integration with Mythos Beacon

Embed a witness block in your beacon payload or as a sidecar .witness file. This format is deterministic and parseable.

Witness Block Format (v1)
-----BEGIN MYTHOS WITNESS-----
version: 1
timestamp: 2025-12-19T03:14:00Z
scheme: tpm2.0-ptt-rsassa-sha256
content_sha256: d2a8c7f4e1b9a6c5d4e3f2a1b0c9d8e7f6a5b4c3d2e1f0a9b8c7d6e5f4a3b2c1
ek_fingerprint: 7f3a1c9e8b2d4f1a6c0e5d9b8a7c6f5e4d3c2b1a0f9e8d7c6b5a4f3e2d1c0b9a
ak_public_b64: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw...
signature_b64: nXk9f3a+Qm2vT...A9vL==
attestation: ak.name.hex=...
-----END MYTHOS WITNESS-----

Mythos Beacon Example

{
  "beacon_id": "HERMES-7f3a1c",
  "content": "message.txt",
  "content_sha256": "d2a8c7f4...",
  "witness": {
    "type": "tpm-ptt",
    "ek_fp": "7f3a1c9e8b2d...",
    "ak": "MIIBIjANBgkqhki...",
    "sig": "nXk9f3a+Qm2vT..."
  }
}
Operational tip: Publish beacon + witness to multiple independent places (git, IPFS, Nostr). Later reveal links them cryptographically to your Intel PTT without ever having exposed identity at posting time.

Witness Builder — Offline SHA-256 Tool

No data leaves your browser

Use this block verbatim. Keep line endings LF. Verify with openssl dgst -sha256 -verify ak.pub -signature sig.bin message.txt