@ -134,10 +134,10 @@ There exists no source of trust and hence no check for integrity or intended exe
The \emph{Trusted Computing Group} (TCG) introduced their first standard for a new {Trusted Computing Module} (TPM) in 2004.
As part in this standard, TCG defined a procedure where every step in the early boot process is measured and saved in a \emph{Platform Configuration Register} (PCR).
In this context, \emph{Measuring} means a simple cryptographic extension function:
The function $||$ represents a concatenation of two binary strings and the hash function is either SHA1 or SHA256.
In recent TPM-platforms, both hashing algorithms can be performed for each measurement.
Consequently, both hash results are available for further computations.
@ -561,7 +561,7 @@ These extensions were omitted in the following to understand the protocol more e
\item\emph{Link.}
After proving validity of the signature, the verifier can test, whether two different messages with the same basename $\bsn\neq\bot$ are generated from the same TPM.
On input \textsf{LINK}$(\sigma, m, \sigma', m', bsn)$, \verifier{} verifies the signatures and compares the pseudonyms contained in $\sigma, \sigma'$:
On input \textsf{LINK}$(\sigma, m, \sigma', m', bsn)$, \verifier{} verifies the signatures and compares the \texttt{nyms} contained in $\sigma, \sigma'$:
\begin{itemize}
\item Check that $\bsn\neq\bot$ and that both signatures $\sigma, \sigma'$ are valid.
\item Parse the signatures $\sigma\leftarrow(a,b,c,d,\pi,\nym)$, $\sigma'\leftarrow(a',b',c',d',\pi',\nym')$.
