The Key Transfer Manager is a software application that communicates with the TPM through TCG-defined software interfaces to archive cryptographic keys and certificates in case of a hard drive or TPM failure.

One of the main functions of the TPM is to generate keys. As you use the TPM to generate keys for applications, you will want to ensure that the keys are backed up to enable recovery from hardware failure or when you are ready to move your protected data to a new PC.

The KTM is an enterprise software solution to archive and recover the hardware encryption keys and associated certificates used for critical personal computer data. The full version of the KTM includes automatic detection of keys to archive management of multiple archive files, certificate archive and restore.

To upgrade to the full version of Key Transfer Manager visit http://www.wave.com/products/ktm.html for further information.

Archive
This function creates an archive of keys generated by your TPM if they are allowed to be backed up. The TPM will create keys as requested by secure applications. Some events causing the creation of keys may be (1) setting up your password management program for the first time, (2) generating a digital certificate, or (3) creating a secure document vault. After creating keys for your secure applications, you will need to return to this option and select Archive to ensure that all of your keys are archived.

When archiving keys for the first time, you will need to specify an archive location, you must set an archive password to access the archive, and you will also be required to enter the TPM Owner Password. Make sure that you specify the archive location as removable media, such as a USB flash drive or network drive, to protect against a hard drive failure. Please make a note of the archive password and archive location as you will need this information to restore keys. If you do not know the TPM Owner Password, please contact your system administrator or refer to your system's TPM setup instructions.

If your PC has multiple users of the TPM, each user must archive his/her keys.

Restore
This function allows you to restore keys that you have previously archived. You will need to use this if your PC experiences a hard drive or TPM security chip failure, or if you transfer your secure data and applications to a new PC. If your hard drive is intact or once you have restored your hard drive by reinstalling your secure applications and copying back the secured data, you will click Restore, point to your archive file, and enter the archive password to restore the TPM keys.

If you have saved passwords to your TCG Security Password Vault, these will also be restored along with your keys rendering the need to remember or re-save passwords a thing of the past. If you are restoring keys to a newly installed EMBASSY Security Center, please initialize the user prior to performing the restore for optimum performance.

If your PC has multiple users of the TPM, each user must restore his/her keys.

Starting Key Transfer Manager
Under normal conditions, Key Transfer Manager automatically starts when you start Windows. It runs in the background, and if functioning properly, will display the Key Transfer Manager icon in the Windows system tray (usually the lower right hand corner of your screen).

If the icon is not present or you exited the program, you can start Key Transfer Manager using one of these methods:

The following is a list of common tasks that you could perform with the Key Transfer Manager:

• Steps for Adding an Archive Location
• Steps for Scheduling Archive Backups
• Steps for Removing an Archive
• Restoring (or Transferring) Keys to a Different PC
        — Steps for Restoring or Transferring All Keys to another PC
        — Steps for Restoring or Transferring Select Keys to a different PC
        — Steps for Recovering from a Hard Drive Failure
        — Steps for Recovering from a TPM or Motherboard Failure