Transcript Trusted Computing

Trusted Computing
Don Rau
Cs489
May 10, 2011
TC History
• 1999 Trusted Computing Platform Alliance (TCPA)
– Five Members: Compaq, HP, IBM, Intel and Microsoft
• 2003 TCG (Trusted Computing Group)
– 2003 Successor Group to TCPA
– Today Enjoys Broad Support of
Technology Industry Leaders
– over 200 members, adopters, and
contributors such as…
AMD, NVIDIA, Phoenix, Western Digital, Oracle, Fujitsu, Toshiba
Over 100 Industry Contributors and Promoters
TC History
TCA Mission Statement
The Trusted Computing Group is a not-for-profit organization
formed to develop, define and promote open, vendor-neutral,
industry standards for trusted computing building blocks and
software interfaces across multiple platforms.
What is TC?
What is TC?
Trust Definitions
– Assured reliance on the character, strength or truth of
something
– Expectation of an outcome with some degree of assurance
– System who’s behavior is predictable and reliable
What is TC?
TCG Definition
“The computer or system will consistently behave in
specific ways, and those behaviors will be enforced by
hardware and software when the owner of those systems
enables these technologies”
What is TC?
TCG Stated Goals of TC
“TC technology will make computers safer, less prone to
viruses and malware, and thus more reliable. In addition,
Trusted Computing will allow computer systems to offer
improved security and efficiency”
What is TC?
How Does TC Serve these Goals?
•Establish Strong Machine Identity and Integrity
•Secure Authentication and Strong Protection of User IDs
•Protect Business Critical Data and Systems
•Regulatory Compliance with Hardware-Based Security
How does TC work?
How Does it Work?
1983 Ken Thompson Turing Award Acceptance Speech
– Login application back-door modification
– Compiler hacked so that rebuild of O/S yields same Trojan
horse defect
The system Thompson described was severely compromised
and could not be trusted.
– Trust is Only as Strong as Weakest Link
– Suggests a need for a basis or “Common Root” for Trust
How Does it Work?
• TPM (Trusted Platform Module)
– Provides this “Root of Trust”
– Processor securely mounted to
motherboard in a tamper resistant fashion
– Provides Cryptographic and Hash services
– Verifies Boot Sequence
– Extends Services to Applications providing a mechanism to
verify configurations and identities of components
– AKA Fritz Chip
A cynical reference to S. Carolina Senator and DRM
Advocate, Fritz Hollings
How Does it Work?
• Crypto ‘Endorsement’ Key
embedded at time of
manufacture
• Key Generation
• Hash Generation to uniquely
id components
• Encryption/Decryption
Services
• Exposes services via TSS
(Trusted Software Stack)
Establishing Trust
TPM Validates the Boot Process by Providing Evidence
and attesting that the system boot was carried out by
trusted firmware.
• TPM Verifies Itself and the BIOS
• BIOS Extends Trust by using the TSS to Verify Boot Loader
• Boot loader verifies Operating System
• Operating System verifies devices and drivers
• Etc.
And so a chain of trust is established.
Extending the Chain
TPM Provided Services
• TSS (Trusted Software Stack) provides API for applications and
devices to use trusted services
• Uniquely Identifying Signatures
typically based on hash codes generated from binary code of
underlying component.
• Identities are secured by Cryptographic Keys
• External Certificates of Authority
• TPM/TSS serve as a basis to implement other core TC
concepts, including…
Key TC Concepts
• Attestation
• Memory Curtaining
• Secure I/O
• Sealed Storage
TC Concepts
Attestation
Attest to the Identity of a system and it’s configuration.
– Local
• Secured boot
• Request and verify identity of a specified configuration of
applications
• Trusted Applications request cryptographic services through TSS
– Remote
• Confirmation of expected remote client configuration
• Remote Authentication and Access to Secured Networks
TC Concepts
Memory Curtaining
Prevent applications from accessing other app’s memory
– In a TC platform even the Operating System should not have
access to a programs curtained memory
– Prevent Virus or Malicious code from reading or altering
data in a PCs memory
TC Concepts
Secure I/O
Secure Input and Output attempt
to address two concerns:
– Thwart screen-grabbing and key-logger exploits
– Applications can assure that a user is physically
present user, as distinct from another program
impersonating a user
TC Concepts
• Sealed Storage
Optional secured access to sensitive data
–Addresses inability of a PC to securely store passwords
–Ability to seal data access to only known apps and users
on approved hosts
–Use Cases
• Data Encryption
• DRM
Applications for Trusted Computing Include…
Example Use Cases
Corporate
– Authentication and Remote Access/Distributed Firewalls
– Data Encryption
• Trusted Distributed Collaboration
– Verify distributed Clients integrity (SETI etc)
– Distributed Gaming Anti-Cheat
Xbox and PS currently use proprietary means for secure
boot
• Digital Rights Management (DRM)
TC Opponents
Many opponents express concerns with trusted
computing, going as far as calling it
Treacherous Computing.
Paranoid or Justified?
and
What are the concerns…
TC Opponents
Concerns?
TC Opponents
• Too Much Control to Commercial Interests
• Treats Owner as Adversary
• DRM
– Video, Audio, and Game Content Restrictions
• Constrain play back to certain applications?
• Loss of Flexibility
– Attestation restrictions to certain browsers for certain
content
– Sealed Storage complicates backup options
– Open Source Future?
– Complicates HW/SW upgrades or replacement
Concerns
• Ease of use?
IMPORTANT:
When using BitLocker with a TPM, it is recommended that BitLocker be
turned on immediately after the computer has been restarted.
If the computer has resumed from sleep prior to turning on BitLocker,
the TPM may incorrectly measure the pre-boot components on the
computer.
In this situation, when the user subsequently attempts to unlock the
computer, the TPM verification check will fail and the computer will
enter BitLocker recovery mode and prompt the user to provide recovery
information before unlocking the drive!!!!
Conclusion
• Near Future
– Corporate Use
•Remote Authentication and Access
•Drive Encryption Technology
– Government
“As of 2007 requires all new computer assets, including PDAs to
include a version 1.2 or higher TPM” – DOD Memorandum
– Regulatory Enforcement
Secured Finances and Identity protection
Questions?
TC References
• TCG. 2007, TCG specification architecture overview, 2 August 2008
http://www.trustedcomputinggroup.org/files/resource_files/AC652DE1-1D093519-ADA026A0C05CFAC2/TCG_1_4_Architecture_Overview.pdf
• TCG. 2007, Trusted Computing,
http://www.trustedcomputinggroup.org/trusted_computing
• BERGER, B. D. 2009. Securing data and systems with trusted computing now
and in the future. 2010.
http://www.trustedcomputinggroup.org/files/static_page_files/C71DF61F1A4B-B294D01538F6E3B1C39D/DSCI_InfosecSummit_2010%2010%2002_v2.pdf
• BERGER, B. 2005, Trusted computing group history. 2005. Information Security
Technical Report, Vol 10, Issue 2, 2005, Pp 59-62
• PROUDLER, G., 2002, What’s in a trusted computing platform?,
http://www.informit.com/articles/article.aspx?p=28804&seqNum=4
• COKER, G., GUTTMAN, J, LOSCOCCO, P., HERZOG, A., MILLEN, J., O’HANLON, B.,
RAMSDELL, J., SEGALL, A., SHEEHY, J., SNIFFEN, B., Principals of remote
attestation, National Security Agency, The MITRE Corporation.
http://web.cs.wpi.edu/~guttman/pubs/good_attest.pdf
• LEMOS, R., (2002) Trust or treachery, Cnet News.com,
http://news.cnet.com/2009-1001-964628.html
Real World Examples
• Xbox Secure Boot & DRM
• Printer Cartridges
• MS Palladium NGSCB
• Smart Cards Technology
• Hitachi ’09 1st TC Compliant Hard Drive
• Drive Encryption
• Remote Authentication