Hardware Root of Trust Firmware 18.10.40.2765

Intel PTT as an Inverse Attribution Witness

We repurpose Intel Platform Trust Technology from passive attestation to active witness. PTT signs not what was executed, but what was provably absent — binding each claim to a non-exportable Endorsement Key in silicon.

Hardware-Bound TPM 2.0 Compliant EK Certified Non-Exportable

Overview

PTT WITNESS establishes a new class of proof: inverse attribution. Traditional TPM attestation confirms a measurement exists in PCRs. We invert the statement — the chip cryptographically witnesses that a specific binary, key, or operation never touched this platform during a bounded interval.

The signature originates from Intel PTT firmware, anchored to the immutable Endorsement Key. No software can forge it, export it, or replay it on another device. Each witness is bound to INTC600.18.1040.2765.

The Inversion

Traditional Attestation

Proves presence. "PCR 7 contains hash X at time T." Useful for confirming boot integrity, but silent on absence. Can be satisfied by any platform with the same software.

Inverse Attribution

Proves absence. "PTT witnessed that private key K was NOT used, process P was NOT loaded, and data D was NOT present between T1–T2 on this specific silicon."

Live Status

PTT Witness Node
ACTIVE
Chip Model
INTC600.18.1040.2765
Manufacturer
Intel PTT 2.0
Firmware
18.10.40.2765
EK Fingerprint
a7:3f:9c:21:e4:5b
Last Witness
2025-12-19 14:22:07 UTC
PCR State
0–7 Stable

How It Works

Enroll

The PTT EK is provisioned once. Intel-signed certificate chains the public key to genuine silicon. No private material ever leaves the ME.

Witness

On request, PTT measures absence over a time window, signs the claim with Attestation Key bound to EK. Includes PCR snapshot and monotonic counter.

Verify

Any verifier checks the signature against Intel root CAs, confirms chip model, firmware, and that the inverse claim holds for the stated interval.

Verify Witness

Paste a PTT WITNESS signature to validate hardware origin, firmware version, and inverse claim. Verification is performed locally — no data leaves your browser.

PTT:WITNESS/1.0 offline verifier