Trusted Computing: Introduction & Applications Lecture 3 ...
Introduction to Trusted Computing
Trusted Computing
Agenda
Why Trusted Computing
The Trusted Computing Architecture
Uses of Trusted Computing
Issues with Trusted Computing
Trusted Computing in practice
Details: 3rd party attestation
Trusted Computing
Trust (RFC 4949): A feeling of certainty (sometimes
based on inconclusive evidence) either (a) that the
system will not fail or (b) that the system meets its
specifications (i.e., the system does what it claims to do
and does not perform unwanted functions)
When approaching a PC, do we have this feeling?
Lack of Trust
Mutability
– Data
– Applications and libraries
– Device drivers
– Kernel components
– And… the BIOS
“Least privilege” principle is ignored
– Administrator privileges
Huge amounts of trusted code
Secure development principles are not applied
Trusted Computing Group
[An] organization formed to develop, define, and promote open standards for hardware-enabled trusted computing and security technologies, including hardware building blocks and software interfaces, across multiple platforms, peripherals, and devices
Implicitly: software alone will not do
Established (as TCPA) 1999
TPM 1.0 published Feb. 2001
TNC work started 2004
Around 200 member companies
www.trustedcomputing.org
Trusted Computing Architecture
TPM (Trusted Platform Module): a tamper-resistant hardware module
mounted in a platform.
Responsible for: measurement, storage, reporting and policy enforcement
[Figure: platform layers: protected code and TPM, boot process, operating system, applications (App1, App2, App3), encrypted files]
Roots of Trust
A Root of Trust is a component that must behave as
expected, because its misbehavior cannot be detected
– A piece of code
Root of Trust for Measurement: the component that can
be trusted to reliably measure and report to the Root of Trust
for Reporting what software executes at the start of platform
boot
Root of Trust for Reporting: the component that can be
trusted to report reliable information about the platform
Root of Trust for Storage: the component that can be
trusted to securely store any quantity of information
A Chain of Trust (Illustrate with Possible Attack Scenarios)
The core idea of the Trusted Computing architecture
Each stage measures and validates the next one
– Measurements go into Platform Configuration Registers
(PCRs) on the TPM
The chain starts with the hardware TPM
Then software:
– RTM, TPM Software Stack, BIOS, kernel
– Applications?
At the end, the entire platform is verified to be in a
trusted state
TC Cryptographic Capabilities
SHA-1, HMAC – Hashed message authentication code
Physical random number generation – An important feature in itself
Asymmetric key generation – 2048-bit RSA
Asymmetric crypto encryption/decryption and signing – RSA PKCS#1
Bulk symmetric crypto is performed off-chip – For example, disk encryption
Reasons: price, export considerations
This is no high performance crypto chip!
Uses of Trusted Computing
Data protection: storage of secrets
– TPM unseals storage keys only if the platform is in a trusted state
Detecting unwanted changes to a machine’s configuration
– Secure boot
The next three require “3rd party attestation”
– Protocol described later
Checking client integrity on a local network
– E.g. before the client is allowed into the network
– Or by each network server
Verifying the trustworthiness of a “kiosk”
– By a remote server
– By a local smartcard
Machine authentication for remote access
Trusted Computing in Practice
TPM exists on a very large percentage of desktops and
laptops
– On your computer, too
But it is disabled by default
So it is rarely used
– Even innocuous functionality like RNG is blocked!
Microsoft was expected to enhance TC functionality in Vista
– But only made a small step with BitLocker
– Better with Windows 7 and 8
Apple used TPM once to ensure its new OS only runs on its
own “beta” machines
– But this is the wrong way around!
Remote Attestation
Three phases
Measurement: machine to be attested must measure its
properties locally
Attestation: transfer measurements from machine being
attested to remote machine
Verification: remote machine examines measurements
transferred during attestation and decides whether they
are valid and acceptable
Linux Integrity Measurement
What is the Purpose of the Nonce? (Important)
Linux Verification
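Added example (not part of the original slides): a small Python simulation of the chain of trust and of the three attestation phases above, showing what the nonce is for. It uses the TPM 1.2 extend operation PCR_new = SHA-1(PCR_old || measurement); as an assumption, an HMAC with a shared demo key stands in for the TPM's RSA-signed quote, and the component names, contents and key are constructed sample values.

```python
import hashlib, hmac, os
def extend(pcr, measurement):
    # TPM 1.2 extend operation: PCR_new = SHA-1(PCR_old || measurement)
    return hashlib.sha1(pcr + measurement).digest()

def measure_boot(components):
    # Measurement: hash each stage before it runs, extend the PCR, log the hash.
    pcr, log = b"\x00" * 20, []
    for name, code in components:
        m = hashlib.sha1(code).digest()
        pcr = extend(pcr, m)
        log.append((name, m))
    return pcr, log

def quote(key, nonce, pcr):
    # Attestation: HMAC stand-in (assumption) for the TPM's signature over nonce + PCR.
    return hmac.new(key, nonce + pcr, hashlib.sha1).digest()

def verify(key, nonce, pcr, log, sig, known_good):
    # Verification: check the quote against our own nonce, replay the log, check hashes.
    if not hmac.compare_digest(sig, quote(key, nonce, pcr)):
        return "bad quote (stale nonce or altered PCR)"
    replayed = b"\x00" * 20
    for _, m in log:
        replayed = extend(replayed, m)
    if replayed != pcr:
        return "log does not match PCR"
    for name, m in log:
        if known_good.get(name) != m:
            return "untrusted component: " + name
    return "trusted"

# Constructed sample data: component names, contents and key are illustrative.
GOOD = [("BIOS", b"bios-v1"), ("bootloader", b"loader-v1"), ("kernel", b"kernel-v1")]
KNOWN_GOOD = {name: hashlib.sha1(code).digest() for name, code in GOOD}
KEY = b"demo-attestation-key"

def demo():
    nonce = os.urandom(20)
    pcr, log = measure_boot(GOOD)
    sig = quote(KEY, nonce, pcr)
    r = {"clean": verify(KEY, nonce, pcr, log, sig, KNOWN_GOOD)}
    r["replay"] = verify(KEY, os.urandom(20), pcr, log, sig, KNOWN_GOOD)  # old quote, new nonce
    # Modified kernel: reported honestly, then with the known-good log substituted.
    pcr2, log2 = measure_boot(GOOD[:2] + [("kernel", b"kernel-v1-modified")])
    sig2 = quote(KEY, nonce, pcr2)
    r["tampered"] = verify(KEY, nonce, pcr2, log2, sig2, KNOWN_GOOD)
    r["forged_log"] = verify(KEY, nonce, pcr2, log, sig2, KNOWN_GOOD)
    return r
```

Calling demo() returns one verdict per scenario: the clean boot is trusted, the replayed quote is rejected because it was bound to an earlier nonce, and the modified kernel is caught whether the log is honest or substituted.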
Dynamic Root of Trust (During Runtime)
Special CPU instruction
Reset PCRs
First measurement made by hardware
Check that it is correct and proceed with further measurements
Otherwise the DRT was modified and is not safe to use
Used to run a trusted virtual machine, since measuring all software during startup is impossible and the same software can be attacked later
Summary
Trusted Computing tries to solve one of the top
problems in today’s computing
It builds a complex and interesting architecture, using
innovative hardware components
The in-built conflict between proven security and privacy
has not been resolved, and maybe cannot be
TC is making small steps forward; will it ever see widespread use?