trusted platform module
play

Trusted Platform Module Dries Schellekens COSIC, KU Leuven - PowerPoint PPT Presentation

Sep 14, 2023 •447 likes •788 views

Trusted Platform Module Dries Schellekens COSIC, KU Leuven Nomenclature Trusted versus trustworthy RFC 4949 (Internet Security Glossary) Trust : A feeling of certainty (sometimes based on inconclusive evidence) either (a) that the system

  1. Trusted Platform Module Dries Schellekens COSIC, KU Leuven

  2. Nomenclature Trusted versus trustworthy

  3. RFC 4949 (Internet Security Glossary) • Trust : A feeling of certainty (sometimes based on inconclusive evidence) either (a) that the system will not fail or (b) that the system meets its specifications (i.e., that system does what it claims to do and does not perform unwanted functions). • Trusted system : A system that operates as expected according to design and policy, doing what is required – despite environmental disruption, human user and operator errors, and attacks by hostile parties – and not doing other things. • Trustworthy system : A system that not only is trusted, but also warrants that trust because the system’s behavior can be validated in some convincing way, such as through formal analysis or code review. Trusted Platform Module, Dries Schellekens, COSIC Slide 3

  4. Alternative definitions • NSA definition o Trusted : System or component whose failure can break the security policy. (TCB = Trusted Computing Base) o Trustworthy : System or component that will not fail with respect to the security policy. • TCG definition o “An entity can be trusted if it always behaves in the expected manner for the intended purpose.” • Some people now regret the name Trusted Computing o Trustworthy Computing or maybe Trustable Computing could be a better title, but it is too late to change. Trusted Platform Module, Dries Schellekens, COSIC Slide 4

  5. Motivation Establish trustworthiness in distributed IT systems

  6. Classic attacks on online banking • Attack on network communication transfer €50 transfer €10000 to Pela to Criminal • Impersonation attack transfer €10000 to Criminal Trusted Platform Module, Dries Schellekens, COSIC Slide 6

  7. Modern attacks on online banking • Phishing attack transfer €50 transfer €1000 to Bob to Criminal • Man-in-the-browser attack transfer €50 transfer €1000 to Bob to Criminal Trusted Platform Module, Dries Schellekens, COSIC Slide 7

  8. Trusted Computing to the rescue • Trusted computing platforms support o Verification of software executing on remote platform o Binding of data to specific platform state • Applications o Online banking o Multiplayer game o Remote access to corporate network o Digital/Enterprise rights management o … Trusted Platform Module, Dries Schellekens, COSIC Slide 8

  9. Milestones of Trusted Computing 1999 Trusted Computing Platform Alliance (TCPA) founded by Feb. 2002 Trusted Platform Module (TPM) 1.1b specification published April 2003 (TCG) formed as successor for TCPA Oct. 2003 TPM 1.2 specification published 2006 20+ million TPMs sold Jan. 2007 TPM supported by BitLocker drive encryption in June 2007 Mobile Trusted Module (MTM) 1.0 specification published May 2009 TPM 1.2 specification adopted as ISO/IEC 11889 standard 2011 500+ million TPMs sold Oct. 2012 Improved TPM support in March 2013 TPM 2.0 library specification published Trusted Platform Module, Dries Schellekens, COSIC Slide 9

  10. Technical overview

  11. TCG components • Core Root of Trust for Measurement (CRTM) o Immutable software component that executes upon a host platform reset o Platform dependent: BIOS for PC and EFI for Server • Trusted Platform Module (TPM) o Hardware component that provides a set of fixed cryptographic and security functions o (Originally) intended to be platform agnostic • Trusted Software Stack (TSS) o Issues low-level TPM commands and receives low-level TPM responses on behalf of high-level applications Trusted Platform Module, Dries Schellekens, COSIC Slide 11

  12. Core Root of Trust for Measurement • Immutable portion of the host platform’s initialization code that is executed upon a host platform reset • Trust in measurement of platform configuration is based on the integrity of the CRTM • On PC platform o CRTM = BIOS boot block • Rest of BIOS is measured in authenticated boot process o CRTM = Entire BIOS • BIOS Flash memory must be protected against unauthorized reprogramming • TCG has specifications for o Conventional BIOS o EFI (Extensible Firmware Interface) BIOS Trusted Platform Module, Dries Schellekens, COSIC Slide 12

  13. Trusted Platform Module • Design goals: Simple, thus cheap (< $1) and hopefully free of bugs o Low performance (no crypto accelerator) o • Smartcard like cryptographic coprocessor Small set of cryptographic functions o • Key generation, signing, encryption (RSA), hashing (SHA-1), HMAC Hardware random number generator (RNG) o • Additional features Authenticated boot (integrity measurement) o Remote attestation (integrity reporting) o Sealed storage o • Securely bound to the rest of the platform • 500+ million TPMs (mainly 1.2) sold today Trusted Platform Module, Dries Schellekens, COSIC Slide 13

  14. TPM hardware architecture EEPROM SRAM ROM µ C RSA Chip layout of Infineon TPM 1.2  Christopher Tarnovsky (Black Hat 2010) Trusted Platform Module, Dries Schellekens, COSIC Slide 14

  15. TPM hardware architecture Microcontroller ( µ C) with RSA coprocessor and RNG • • ROM: Firmware for microcontroller SHA-1 and HMAC typically in software o • SRAM: Volatile memory Key slots: load external keys o Platform Configuration Registers (PCR): store integrity o measurements (24 x 160 bit) • EEPROM: Non-volatile memory Endorsement Key (EK) uniquely identifies TPM o Storage Root Key (SRK) encrypts other keys maintained by TPM o Owner’s authorization data (password) o Monotonic counters (4 x 32 bit) o NVRAM: small amount of freely programmable memory o • I/O interface PC Client: Low-Pin Count (LPC) bus o Embedded: I2C or System Management Bus (SMBus) o Trusted Platform Module, Dries Schellekens, COSIC Slide 15

  16. Integration of TPM into PC platform Parallel Port Serial Port Hard Disk Interface Network Floppy PS/2 Graphics Controller Graphics I/O Central LPC Memory FSB Controller Processing Super I/O Controller Hub Unit Hub (ICH) (CPU) (GMCH) System Expansion TPM Devices Memory Cards USB LPC = Low Pin Count BIOS Flash FSB = Front Side Bus Trusted Platform Module, Dries Schellekens, COSIC Slide 16

  17. TCG functionality • Authenticated boot o Logging of boot sequence • Remote attestation o Report boot sequence to third party • User management o Balance the interest of different parties (user, owner, …) • Key management o Maintain cryptographic keys and control usage/access o Sealed storage: restrict access based on specific boot sequence • Other features o RNG, clock, monotonic counter, … Trusted Platform Module, Dries Schellekens, COSIC Slide 17

  18. Authenticated boot • Synonym: measured boot or trusted boot • Transitive chain of trust 1 Boot Operating CRTM BIOS Application Loader System 4 2 3 TPM 1. “Measure” integrity of next component SML M X = Hash(X) PCR 65 98 12 49 0 M BIOS 2. Store measurement value M X in SML M BL 3. Extend measurement value M X in PCR PCR new = Hash(PCR old , M X ) M OS 4. Execute/pass control to next component M App PCR = Platform Configuration Register SML = Stored Measurement Log Trusted Platform Module, Dries Schellekens, COSIC Slide 18

  19. Difference with secure boot • Secure boot Boot process is halted when untrusted software is loaded o Only execute code that is signed by the device manufacturer o or a certified software vendor Examples: game consoles, smart phones, TV settop box o • Authenticated boot TPM is passive and only records the boot process o Platform can still load arbitrary software, like with a traditional o open platform (e.g., PC) Enforcement of “good” configurations has to be done o separately • Remote attestation is used to grant/deny access to network service • Sealed storage is used to grant/deny access to locally stored secret • Warning: UEFI Secure Boot is coming to PC with Windows 8 Trusted Platform Module, Dries Schellekens, COSIC Slide 19

  20. Remote attestation • Remote attestation: challenge-response protocol nonce cert AIK , Sign AIK (nonce, PCR), SML Verifier • TPM identities Endorsement Key (EK): uniquely identifies TPM o Attestation Identity Key (AIK): pseudonym o Cert EK , AIK Enc EK (cert AIK ) Privacy CA Trusted Platform Module, Dries Schellekens, COSIC Slide 20

  21. Direct anonymous attestation (DAA) • TPM may have multiple AIKs Best case: different AIK for every service provider o • Practical issues with Privacy CA Trusted third party is hard to find and expensive to maintain o Evidence: no commercial privacy CA at the moment o Privacy CA can link pseudonyms o • TPM 1.2 defines alternative solution to certify AIKs Direct Anonymous Attestation: zero knowledge protocol o • Unlinkability of TPM transactions • No privacy CA needed TPMs can only be recognized if o • Their internal DAA secrets are exposed • They try to identify too often in a short period Trusted Platform Module, Dries Schellekens, COSIC Slide 21

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A BAD DREAM: SUBVERTING TRUSTED PLATFORM MODULE WHILE YOU ARE SLEEPING Seunghun Han, Wook Shin,

A BAD DREAM: SUBVERTING TRUSTED PLATFORM MODULE WHILE YOU ARE SLEEPING Seunghun Han, Wook Shin,

A BAD DREAM: SUBVERTING TRUSTED PLATFORM MODULE WHILE YOU ARE SLEEPING Seunghun Han, Wook Shin, Jun-Hyeok Park, and HyoungChun Kim, National Security Research Institute BACKGROUND Trusted Computing Group (TCG) Trusted Platform Module

375 views • 19 slides
Trusted Platform Module (TPM) introduction Mark D. Ryan University of Birmingham Computer

Trusted Platform Module (TPM) introduction Mark D. Ryan University of Birmingham Computer

Trusted Platform Module (TPM) introduction Mark D. Ryan University of Birmingham Computer Security module October 2009 The Trusted Computing Group An industry consortium including Microsoft, HP, Dell, Sony, Lenovo, Toshiba, Vodafone,

415 views • 18 slides
for TPM API Aybek Mukhamedov, Andy Gordon and Mark Ryan Trusted Platform Module Trusted

for TPM API Aybek Mukhamedov, Andy Gordon and Mark Ryan Trusted Platform Module Trusted

Towards Verified C specification for TPM API Aybek Mukhamedov, Andy Gordon and Mark Ryan Trusted Platform Module Trusted Computing, an initiative by major IT vendors Functions: integrity measurement, reporting &amp; protected storage

374 views • 16 slides
TPM: Trusted Platform Module Sumeet Bajaj sbajaj@cs.stonybrook.edu 9 Feb 2011 CSE 408

TPM: Trusted Platform Module Sumeet Bajaj sbajaj@cs.stonybrook.edu 9 Feb 2011 CSE 408

TPM: Trusted Platform Module Sumeet Bajaj sbajaj@cs.stonybrook.edu 9 Feb 2011 CSE 408 Introduction verification request verification data Verifier Platform Attestation of Remote Platform Identify specific platform Verify software

626 views • 24 slides
Trusted Platform Module Alan Dunn , Owen Hofmann, Brent Waters, Emmett Witchel University of

Trusted Platform Module Alan Dunn , Owen Hofmann, Brent Waters, Emmett Witchel University of

Cloaking Malware with the Trusted Platform Module Alan Dunn , Owen Hofmann, Brent Waters, Emmett Witchel University of Texas at Austin USENIX Security August 12, 2011 Trusted Computing Goal: Secure environment for computation Trust

331 views • 19 slides
vTPM: Virtualizing the Trusted Platform Module Joshua Schiffman Systems and Internet

vTPM: Virtualizing the Trusted Platform Module Joshua Schiffman Systems and Internet

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA vTPM: Virtualizing the Trusted Platform Module Joshua Schiffman

350 views • 19 slides
Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides

Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides

Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides taken from Jason Franklins 712 lecture, Fall 2006) Trusted Computing Hardware What can you do if you have trusted hardware?

315 views • 27 slides
Modern Systems: Security October 8, 2012 Background: Trusted Platform Modules What is a TPM?

Modern Systems: Security October 8, 2012 Background: Trusted Platform Modules What is a TPM?

Modern Systems: Security October 8, 2012 Background: Trusted Platform Modules What is a TPM? 16 Platform Configuration Registers (PCRs) Random Number Generator (RNG) Endorsement Key (EK) burned in hardware What can it do?

575 views • 33 slides
TPM Meets DRE: Reducing the Trust Base for Electronic Voting Using Trusted Platform Modules

TPM Meets DRE: Reducing the Trust Base for Electronic Voting Using Trusted Platform Modules

TPM Meets DRE: Reducing the Trust Base for Electronic Voting Using Trusted Platform Modules Russell A. Fink, Alan T. Sherman, and Richard Carback Direct Recording Electronic (DRE) Higher usability compared to paper ballot Multi-language

299 views • 15 slides
Access Control Casey Schaufler August 2010 Casey Schaufler Trusted Solaris, Trusted Irix,

Access Control Casey Schaufler August 2010 Casey Schaufler Trusted Solaris, Trusted Irix,

File Content Based Access Control Casey Schaufler August 2010 Casey Schaufler Trusted Solaris, Trusted Irix, Linux LSM Various Government Efforts Trusix, CMM, CHATS Standards P1003.1e/2c, TSIG Smack Linux Security Module

497 views • 30 slides
Trusted Platform Modules and Hardware-based Security Andreas Nilsson Masters Student at Nada,

Trusted Platform Modules and Hardware-based Security Andreas Nilsson Masters Student at Nada,

Trusted Platform Modules and Hardware-based Security Andreas Nilsson Masters Student at Nada, KTH Pointsec Mobile Technologies TPM Introduction Microcontroller affixed to the motherboard. Cryptographic functions like key storage

834 views • 35 slides
IMA Platform Computing Module based on Partial Reconfigurable FPGA R. F. Romero, O. Saotome, D.

IMA Platform Computing Module based on Partial Reconfigurable FPGA R. F. Romero, O. Saotome, D.

IMA Platform Computing Module based on Partial Reconfigurable FPGA R. F. Romero, O. Saotome, D. S. Loubach, E. G. O. Nbrega, I. Sander, I. S derquist 1 ABSTRACT The present work proposes an IMA module design approach based on partial

344 views • 12 slides
1 MODULE SPECIFICATION Module Aims The module aims to deliver knowledge of the essential

1 MODULE SPECIFICATION Module Aims The module aims to deliver knowledge of the essential

MODULE SPECIFICATION Project Management and Credit Module Title: Level : 5 20 Presentation Techniques Value : Is this a Code of module Module code : ENG543 new NO being replaced : module? Cost Centre : GAME JACS3 code : F311

261 views • 4 slides
HortiCube: A Platform for Transparent, Trusted Data Sharing in the Food Supply Chain Igls-Forum,

HortiCube: A Platform for Transparent, Trusted Data Sharing in the Food Supply Chain Igls-Forum,

HortiCube: A Platform for Transparent, Trusted Data Sharing in the Food Supply Chain Igls-Forum, 18 February 2016 Jack Verhoosel, Michael van Bekkum, Tim Verwaart jack.verhoosel@tno.nl Motivation: data sharing issues Traditionally limited data

218 views • 18 slides
&amp; Trusted Computing Erik Poll Digital Security Radboud University Nijmegen Classic

&amp; Trusted Computing Erik Poll Digital Security Radboud University Nijmegen Classic

Hardware Security Trusted Execution Environments (TEEs) &amp; Trusted Computing Erik Poll Digital Security Radboud University Nijmegen Classic hardware-backed security solutions smartcard for users HSM (Hardware Security Module) in

774 views • 63 slides
Evaluating BFT Protocols for Spire Henry Schuh &amp; Sam Beckley 600.667 Advanced Distributed

Evaluating BFT Protocols for Spire Henry Schuh &amp; Sam Beckley 600.667 Advanced Distributed

Evaluating BFT Protocols for Spire Henry Schuh &amp; Sam Beckley 600.667 Advanced Distributed Systems &amp; Networks SCADA &amp; Spire Overview High-Performance, Scalable Spire Trusted Platform Module Known Network Characteristics

1.01k views • 51 slides
CS6220: DATA MINING TECHNIQUES Matrix Data: Classification: Part 1 Instructor: Yizhou Sun

CS6220: DATA MINING TECHNIQUES Matrix Data: Classification: Part 1 Instructor: Yizhou Sun

CS6220: DATA MINING TECHNIQUES Matrix Data: Classification: Part 1 Instructor: Yizhou Sun yzsun@ccs.neu.edu September 16, 2013 Matrix Data: Classification: Part 1 Classification: Basic Concepts Decision Tree Induction Model

779 views • 48 slides
Social Media Computing Lecture 4: Introduction to Information Retrieval and Classification

Social Media Computing Lecture 4: Introduction to Information Retrieval and Classification

Social Media Computing Lecture 4: Introduction to Information Retrieval and Classification Lecturer: Aleksandr Farseev E-mail: farseev@u.nus.edu Slides: http://farseev.com/ainlfruct.html At the beginning, we will talk about text a lot (text

992 views • 61 slides
Elements of Machine Intelligence - I Ken Kreutz-Delgado (Nuno Vasconcelos) ECE Department, UCSD

Elements of Machine Intelligence - I Ken Kreutz-Delgado (Nuno Vasconcelos) ECE Department, UCSD

ECE-175A Elements of Machine Intelligence - I Ken Kreutz-Delgado (Nuno Vasconcelos) ECE Department, UCSD Winter 2012 The course The course will cover basic, but important, aspects of machine learning and pattern recognition We will cover a

661 views • 26 slides
Compliance Problem Vytautas YRAS Reinhard RIEDL Vilnius University Bern University of Applied

Compliance Problem Vytautas YRAS Reinhard RIEDL Vilnius University Bern University of Applied

Formulating the Enterprise Architecture Compliance Problem Vytautas YRAS Reinhard RIEDL Vilnius University Bern University of Applied Sciences Lithuania Switzerland Vytautas.Cyras@mif.vu.lt Reinhard.Riedl@bfh.ch Baltic DB&amp;IS 2012,

878 views • 20 slides
Probabilistic &amp; Unsupervised Learning Beyond linear-Gaussian and Mixture models Maneesh

Probabilistic &amp; Unsupervised Learning Beyond linear-Gaussian and Mixture models Maneesh

Probabilistic &amp; Unsupervised Learning Beyond linear-Gaussian and Mixture models Maneesh Sahani maneesh@gatsby.ucl.ac.uk Gatsby Computational Neuroscience Unit, and MSc ML/CSML, Dept Computer Science University College London Term 1,

1.41k views • 124 slides
Unsupervised Learning Andrea Passerini passerini@disi.unitn.it Machine Learning Unsupervised

Unsupervised Learning Andrea Passerini passerini@disi.unitn.it Machine Learning Unsupervised

Unsupervised Learning Andrea Passerini passerini@disi.unitn.it Machine Learning Unsupervised Learning Unsupervised Learning Setting Supervised learning requires the availability of labelled examples Labelling examples can be an extremely

752 views • 27 slides
Experiences of Teaching Real-Time Systems to Control Engineers Karl-Erik rzn Dept of

Experiences of Teaching Real-Time Systems to Control Engineers Karl-Erik rzn Dept of

Experiences of Teaching Real-Time Systems to Control Engineers Karl-Erik rzn Dept of Automatic Control Lund University Outline The Lund Education Systems The Real-Time Systems Course A MBSE Perspective on the course Education

718 views • 43 slides
Concise Introduction to Deep Neural Networks Outline: Classification problems Motivating

Concise Introduction to Deep Neural Networks Outline: Classification problems Motivating

Concise Introduction to Deep Neural Networks Outline: Classification problems Motivating Deep (large) Neural Network (DNN) classifiers Neurons and DNN architectures Numerical training of DNNs (supervised deep learning) Spiking

630 views • 33 slides

More recommend