2. What is Trusted Computing?
In 1999, many industry heavyweights
came together to form an industry group.
Mission Statement
“to create a standard set of system
hardware based functions needed to
establish trust on the platform.” [2]
3. What is a TPM?
• A chip integrated into the platform
• The (alleged) purpose is to provide more
security
• It is a separate trusted co-processor
“The TPM represents a separate trusted
coprocessor, whose state cannot be
compromised by potentially malicious
host system software.”
IBM Research Report [4]
4. “The theory is that software based key
generation or storage will always be
vulnerable to software attack, so
private keys should be created,
stored, and used by dedicated
hardware”
Andy Dornan, Trusted Computing: A Matter of Trust
Why?
5. The Trusted Computing Group
The Trusted Computing Group is a non-
profit industry consortium, which develops
hardware and software standards. It is
funded by many member companies,
including IBM, Intel, AMD, Microsoft,
Sony, Sun, and HP among others.
www.trustedcomputinggroup.org
6. Attestation
The TPM's most controversial feature is
attestation, the ability to measure the state
of a computer and send a signed message
certifying that particular hardware or
software is or isn't present. Most TC
opponents fear that this will be abused by
vendors [1].
7. How?
• PKI private keys could be stored in the chip.
• PK signatures calculated in the chip itself,
never visible outside
• Random number generators
• SHA-1 encryption
• Monotonic counters
• Process isolation (encrypted I/O, prevents
keystroke loggers, screen scrapers.
8. How?
• Protection from malware and detection of
compromised systems. [4] Shows that syslogd
has been compromised by a root kit.
• Tick counter, Timestamps are a security critical
parameter in KERBEROS.
• Provide stronger 2 factor authentication.
9. What’s new?
• Conceptually, not much. Most, if not all of the
security ideas already exist
• What TPMs bring to the table is a secure
sealed storage chip for private keys, on-chip
crypto, and random number generators
among others
• The state of the TPM can not be compromised
by malicious host software
10. Cons
• Advanced features will require O/S support.
• Microsoft's NGSCB (Longhorn Due 2006 ???)
• Will require rewrites to interface with the NEXUS.
• Potential for abuse by Software vendors.
• Is trusted computing just DRM on steroids?
• Is TC a security tool or cash flow weapon?
• Co-processor or Cop-processor?
11. Pro vs. Con
• Great for Corporations and Government
• Prevents unauthorized software
• Helps prevent malware
• User privacy not a concern
• DRM lock-in less of a concern for companies
or government
12. Pro vs. Con
• “Trusted Computing requires you to surrender
control of your machine to the vendors of your
hardware and software, thereby making the
computer less trustworthy from the user’s
perspective” [11] Ross Anderson
13. Windows Media Player 9 EULA
"Digital Rights Management (Security). You agree
that in order to protect the integrity of content and
software protected by digital rights management
('Secure Content'), Microsoft may provide security
related updates to the OS Components that will be
automatically downloaded onto your computer.
These security related updates may disable your
ability to copy and/or play Secure Content and use
other software on your computer. If we provide
such a security update, we will use reasonable
efforts to post notices on a web site explaining the
update."
14. “For years Bill Gates has dreamed of
finding a way to make the Chinese pay
for software, TC looks like being the
answer to his prayer.” [11] Ross
Anderson.
16. Bibliography
• [1] Andy Doman, Trusted Computing: A matter of Trust,
http://www.networkmagazine.com/shared/article/showArticle.jhtml?articleId=2210
2889
• [2] DigitalIDWorld, "Assuring Networked Data and Application Reliability", Digital ID
World Jan/Feb 2004 https://www.trustedcomputinggroup.org/press/1-
3412425E_SC.pdf
•
• [4] Reiner Sailer, et al, , "The Role of TPM in Enterprise Security",
https://www.trustedcomputinggroup.org/press/news_articles/rc23363.pdf
• [11] Ross Anderson, http://www.againsttcpa.com/index.shtml