The document discusses Trusted Platform Modules (TPMs), which are chips integrated into platforms that are intended to provide more security. TPMs can securely store encryption keys and perform cryptographic operations to establish trust. They aim to prevent compromise by malicious software. However, TPMs also enable new capabilities for digital rights management and attestation that could potentially be abused by software vendors. While TPMs may increase security for corporations and governments, they reduce user control and privacy.

1. Randy Fort
CS 265
Trusted Platform Modules
April 19th, 2005

2. What is Trusted Computing?
In 1999, many industry heavyweights
came together to form an industry group.
Mission Statement
“to create a standard set of system
hardware based functions needed to
establish trust on the platform.” [2]

3. What is a TPM?
• A chip integrated into the platform
• The (alleged) purpose is to provide more
security
• It is a separate trusted co-processor
“The TPM represents a separate trusted
coprocessor, whose state cannot be
compromised by potentially malicious
host system software.”
IBM Research Report [4]

4. “The theory is that software based key
generation or storage will always be
vulnerable to software attack, so
private keys should be created,
stored, and used by dedicated
hardware”
Andy Dornan, Trusted Computing: A Matter of Trust
Why?

5. The Trusted Computing Group
The Trusted Computing Group is a non-
profit industry consortium, which develops
hardware and software standards. It is
funded by many member companies,
including IBM, Intel, AMD, Microsoft,
Sony, Sun, and HP among others.
www.trustedcomputinggroup.org

6. Attestation
The TPM's most controversial feature is
attestation, the ability to measure the state
of a computer and send a signed message
certifying that particular hardware or
software is or isn't present. Most TC
opponents fear that this will be abused by
vendors [1].

7. How?
• PKI private keys could be stored in the chip.
• PK signatures calculated in the chip itself,
never visible outside
• Random number generators
• SHA-1 encryption
• Monotonic counters
• Process isolation (encrypted I/O, prevents
keystroke loggers, screen scrapers.

8. How?
• Protection from malware and detection of
compromised systems. [4] Shows that syslogd
has been compromised by a root kit.
• Tick counter, Timestamps are a security critical
parameter in KERBEROS.
• Provide stronger 2 factor authentication.

9. What’s new?
• Conceptually, not much. Most, if not all of the
security ideas already exist
• What TPMs bring to the table is a secure
sealed storage chip for private keys, on-chip
crypto, and random number generators
among others
• The state of the TPM can not be compromised
by malicious host software

10. Cons
• Advanced features will require O/S support.
• Microsoft's NGSCB (Longhorn Due 2006 ???)
• Will require rewrites to interface with the NEXUS.
• Potential for abuse by Software vendors.
• Is trusted computing just DRM on steroids?
• Is TC a security tool or cash flow weapon?
• Co-processor or Cop-processor?

11. Pro vs. Con
• Great for Corporations and Government
• Prevents unauthorized software
• Helps prevent malware
• User privacy not a concern
• DRM lock-in less of a concern for companies
or government

12. Pro vs. Con
• “Trusted Computing requires you to surrender
control of your machine to the vendors of your
hardware and software, thereby making the
computer less trustworthy from the user’s
perspective” [11] Ross Anderson

13. Windows Media Player 9 EULA
"Digital Rights Management (Security). You agree
that in order to protect the integrity of content and
software protected by digital rights management
('Secure Content'), Microsoft may provide security
related updates to the OS Components that will be
automatically downloaded onto your computer.
These security related updates may disable your
ability to copy and/or play Secure Content and use
other software on your computer. If we provide
such a security update, we will use reasonable
efforts to post notices on a web site explaining the
update."

14. “For years Bill Gates has dreamed of
finding a way to make the Chinese pay
for software, TC looks like being the
answer to his prayer.” [11] Ross
Anderson.

15. Conclusion
• Increased security
• PKI
• Malware protection
• Attestation
• A very abuseable capability for software
vendors

16. Bibliography
• [1] Andy Doman, Trusted Computing: A matter of Trust,
http://www.networkmagazine.com/shared/article/showArticle.jhtml?articleId=2210
2889
• [2] DigitalIDWorld, "Assuring Networked Data and Application Reliability", Digital ID
World Jan/Feb 2004 https://www.trustedcomputinggroup.org/press/1-
3412425E_SC.pdf
•
• [4] Reiner Sailer, et al, , "The Role of TPM in Enterprise Security",
https://www.trustedcomputinggroup.org/press/news_articles/rc23363.pdf
• [11] Ross Anderson, http://www.againsttcpa.com/index.shtml