2. WHO DO I TRUST?
• Today a computer trusts one of two entities
in a user and hacker model.
• The user is trusted and the hacker is not.
• But when does a computer know that the
user is not doing something harmful?
• With TC the user and the hacker are both
not trusted. This ensures that nothing is
done that can compromise the security of
the PC.
3. WHY TC?
“The theory is that software based key
generation or storage will always be
vulnerable to software attack, so private
keys should be created, stored, and used
by dedicated hardware”
4. TRUSTED COMPUTING: BASIC IDEA
• Addition of security hardware functionality to a
computer system to compensate for insecure
software.
• Enables external entities to have increased level of
trust that the system will perform as
expected/specified.
• Trusted platform = a computing platform with a
secure hardware component that forms a security
foundation for software processes.
• Trusted Computing = computing on a Trusted
Platform.
5. SO HOW DOES TC WORK?
• For TC to work you have to use the Trusted
Platform Module (TPM), a hardware component in
which the core (root) of trust for the platform
resides.
• TPM will be implemented using a security
microchip that handles security with
encryption.
6. WHAT IS A TPM?
• A chip integrated into the platform
• The (alleged) purpose is to provide more security
• It is a separate trusted co-processor
“The TPM represents a
separate trusted coprocessor,
whose state cannot be
compromised by potentially
malicious host system
software.”
7. THE TRUSTED COMPUTING GROUP
• The Trusted Platform Module (TPM) is an
international standard for a secure cryptoprocessor.
• The TPM technical specification was written by
a computer industry consortium called the
Trusted Computing Group TCG.
• The Trusted Computing Group is a non-profit
industry consortium, which develops hardware
and software standards. It is funded by many
member companies, including IBM, Intel, AMD,
Microsoft, Sony, Sun, and HP among others.
8. TRUSTED COMPUTING ARCHITECTURE
TPM (Trusted Platform Module): a tamper-resistant hardware
module mounted in a platform.
Responsible for: measurement, storage, reporting and policy
enforcement.
[Architecture figure: TPM beneath the Boot Process and Operating System, with App1, App2 and App3 on top; Protected Code and Encrypted Files are anchored to the TPM.]
9. ROOTS OF TRUST
• A Root of Trust is a hardware or software mechanism:
a component that must behave as expected, because
its misbehavior cannot be detected.
• Root of Trust for Measurement (RTM): the component
that can be trusted to reliably measure and report to the
Root of Trust for Reporting what software executes at
the start of platform boot.
• Uses Platform Configuration Registers (PCR) to record
the state of a system.
• Static entity like the PC BIOS.
10. ROOTS OF TRUST (CONTINUED)
• Root of Trust for Reporting (RTR): the component that can be
trusted to report reliable information about the platform.
• Trusted to report information accurately and correctly.
• Uses PCR and RSA signatures to report the platform
state to external parties.
• Root of Trust for Storage (RTS): the component that can be
trusted to securely store any quantity of information.
• Trusted to store information without interference or
leakage.
• Uses PCR and RSA encryption to protect data and
ensure that data can only be accessed if the platform is in a
known state.
11. A CHAIN OF TRUST
• The core idea of the Trusted Computing architecture:
• Each stage measures and validates the next one.
• Measurements go into Platform Configuration Registers (PCRs)
on the TPM.
• The chain starts with the hardware TPM,
• Then software:
• RTM, TPM Software Stack, BIOS, kernel
• Applications?
• At the end, the entire platform is verified to be in a
trusted state.
13. SECURE INPUT AND OUTPUT
• Secure I/O provides a secure hardware path
from the keyboard to an application.
• From the application back to the screen.
• No other software running on the same PC
will be able to determine what the user
typed, or how the application responded.
14. MEMORY CURTAINING
• Memory curtaining extends common
memory protection techniques to provide
full isolation of sensitive areas of memory.
• Even the operating system does not have
full access to curtained memory.
15. SEALED STORAGE
• Sealed storage protects private information by
binding it to platform configuration information
including the software and hardware being used.
• Data can be released only to a particular
combination of software and hardware.
• Embedding PCR values in the sealed blob ensures that
only certain apps, on a platform in the expected state,
can decrypt the data.
16. ENDORSEMENT KEY
• The endorsement key is a 2048-bit RSA
public and private key pair.
• Created randomly on the chip at
manufacture time.
• Non-migratable, store inside the chip,
cannot be removed.
• It is never used for encryption or signing.
17. REMOTE ATTESTATION
• Prove to a remote party what
software/configuration is running on the target
system.
• Three phases:
• Measurement: machine to be attested must measure
its properties locally.
• Attestation: transfer measurements from machine
being attested to remote machine.
• Verification: remote machine examines
measurements transferred during attestation and
decides whether they are valid and acceptable.
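The chain of trust from slide 11 and the three attestation phases above, as one added simulation (not code from the original deck or from any TPM stack). Each boot stage extends a PCR with the hash of the next stage and appends an event-log entry; the "TPM" then quotes the PCR together with the verifier's nonce, and the verifier checks freshness, the quote, an allowlist of known-good measurements, and that the log replays to the signed PCR. The boot images, the allowlist and the attestation key are constructed, and an HMAC under a key that never leaves the simulated TPM stands in for the RSA signature the slides describe.

```python
import hashlib
import hmac

def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM extend: PCR = H(PCR || H(component)). A PCR can only be extended,
    never written, so a later stage cannot erase an earlier measurement."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()

# Phase 1, measurement: each boot stage measures the next before handing over.
def measure(chain):
    pcr, log = bytes(32), []          # PCRs start at zero on platform reset
    for name, image in chain:
        pcr = extend(pcr, image)
        log.append((name, hashlib.sha256(image).hexdigest()))  # event log entry
    return pcr, log

# Phase 2, attestation: the TPM signs (nonce || PCR). Here an HMAC with a key that
# never leaves the simulated TPM stands in for the RSA signature (assumption).
def quote(aik: bytes, nonce: bytes, pcr: bytes) -> bytes:
    return hmac.new(aik, b"quote|" + nonce + pcr, hashlib.sha256).digest()

def attest(aik: bytes, chain, nonce: bytes) -> dict:
    pcr, log = measure(chain)
    return {"nonce": nonce, "pcr": pcr, "log": log, "sig": quote(aik, nonce, pcr)}

# Phase 3, verification: the remote party checks freshness, the quote, and that the
# event log both matches its allowlist and replays to the signed PCR value.
def verify(aik: bytes, nonce: bytes, report: dict, known_good: dict) -> tuple:
    if report["nonce"] != nonce:
        return False, "stale or replayed quote"
    if not hmac.compare_digest(quote(aik, nonce, report["pcr"]), report["sig"]):
        return False, "quote signature invalid"
    pcr = bytes(32)
    for name, digest in report["log"]:
        if known_good.get(name) != digest:
            return False, "unknown measurement for " + name
        pcr = hashlib.sha256(pcr + bytes.fromhex(digest)).digest()
    if pcr != report["pcr"]:
        return False, "event log does not reproduce the signed PCR"
    return True, "platform in known-good state"

# Constructed sample platform: the images are placeholder byte strings.
GOOD_CHAIN = [("bios", b"BIOS v1.2"), ("bootloader", b"GRUB 2.06"), ("kernel", b"vmlinuz-5.15")]
EVIL_CHAIN = GOOD_CHAIN[:2] + [("kernel", b"vmlinuz-5.15 + rootkit")]
KNOWN_GOOD = {name: hashlib.sha256(img).hexdigest() for name, img in GOOD_CHAIN}
AIK = hashlib.sha256(b"constructed attestation key, TPM-resident").digest()
```

The nonce is what makes the quote fresh; without it a recorded quote from an earlier, clean boot could be replayed after the kernel has been replaced.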
18. FINALLY
• Secure boot allows the system to boot into a defined and
trusted configuration.
• Curtained memory will provide strong memory isolation:
memory that cannot be read by other processes, including
operating systems and debuggers.
• Sealed storage allows software to keep cryptographically
secure secrets.
• Remote attestation allows a trusted device to present
reliable evidence to remote parties about the software it is
running.
• Low cost technology.