Trusted ComputingTrusted Computing

BY: Sam RanjbariBY: Sam Ranjbari

Billy J. GarciaBilly J. Garcia

What is it?What is it?

Trusted Computing (TC) is an open Trusted Computing (TC) is an open standard for hardware enabled trusted standard for hardware enabled trusted computing and security technologies.computing and security technologies.

This means a more secure PC that only This means a more secure PC that only trusts the software creators not the trusts the software creators not the ownerowner

Trusted ComputingTrusted Computing

TC was created by the non-for-profit TC was created by the non-for-profit organization Trusted Computing organization Trusted Computing Group (TCG); Group (TCG);

An alliance of Microsoft, Intel, IBM, An alliance of Microsoft, Intel, IBM, HP, AMD and … HP, AMD and …

A list can be found at this link A list can be found at this link https://https://www.trustedcomputinggroup.orgwww.trustedcomputinggroup.org/about/members//about/members/

What does Trust mean?What does Trust mean?

Trust means that something does as it is intended Trust means that something does as it is intended to doto do

TCG defines trust as “an TCG defines trust as “an entity can be trusted if it entity can be trusted if it always behaves in the expected manner for the always behaves in the expected manner for the intended purpose”.intended purpose”.

For example, when you save or read something For example, when you save or read something from your hard drive, you want the data to be from your hard drive, you want the data to be written and read accurately like it is intended to be, written and read accurately like it is intended to be, but you have to trust it to write and read without but you have to trust it to write and read without errors. errors.

Who do I trust? Me!Who do I trust? Me!

Today a computer trusts one of two Today a computer trusts one of two entities in a user and hacker model. entities in a user and hacker model.

The user is trusted and the hacker is not.The user is trusted and the hacker is not.

ContinueContinue But when does a computer know that But when does a computer know that

the user is not doing something the user is not doing something harmful? harmful?

With TC the user and the hacker are With TC the user and the hacker are both not trusted. This ensures that both not trusted. This ensures that nothing is done that can compromise nothing is done that can compromise the security of the PC.the security of the PC.

So How does TC work?So How does TC work?

For TC to work you have to use the For TC to work you have to use the Trusted Computing Module (TPM) Trusted Computing Module (TPM) which is a hardware system where which is a hardware system where the core (root) of trust in the the core (root) of trust in the platform will reside. platform will reside.

TPM will be implemented using a TPM will be implemented using a security microchip that handles security microchip that handles security with encryption. security with encryption.

Groups of secure hardware Groups of secure hardware

They are They are memory curtaining, secure input memory curtaining, secure input and output, sealed storage, and remote and output, sealed storage, and remote attestationattestation. .

It is also important to mention the concept of the It is also important to mention the concept of the endorsement keyendorsement key..

The The endorsement keyendorsement key is a 1,048 bit RSA private is a 1,048 bit RSA private and public key that is created randomly on a and public key that is created randomly on a microchip during the manufacturing of the chip. microchip during the manufacturing of the chip. The private key is only used by the chip while the The private key is only used by the chip while the public key is used for attestation and for the public key is used for attestation and for the encryption of sensitive data sent to the chip. encryption of sensitive data sent to the chip.

endorsement key

The key is used to allow secure The key is used to allow secure transactions by the TPM using a transactions by the TPM using a protocol created by TCG. This protocol created by TCG. This prevents a TPM emulator from prevents a TPM emulator from starting a trusted entity. TPM is starting a trusted entity. TPM is also designed to prevent also designed to prevent extraction of the key from extraction of the key from hardware analysishardware analysis

……Groups of secure HardwareGroups of secure Hardware

Memory curtainingMemory curtaining is hardware is hardware enforced memory isolation that will enforced memory isolation that will prevent software from being able to prevent software from being able to read or write to other software’s read or write to other software’s memory.memory.

Today hackers can read memory and Today hackers can read memory and alter applications’ memory to do evil alter applications’ memory to do evil deeds that are not intended. deeds that are not intended.

……Groups of secure HardwareGroups of secure Hardware

Secure input and outputSecure input and output will prevent will prevent threats from key loggers or screen grabbers threats from key loggers or screen grabbers from intruders. from intruders.

Using encrypted input and output will Using encrypted input and output will prevent the intruders from being able to see prevent the intruders from being able to see what the user types or what is on the users what the user types or what is on the users screen because the input from the keyboard screen because the input from the keyboard to the software and the output from the to the software and the output from the software to the screen are encrypted. software to the screen are encrypted.

……Groups of secure HardwareGroups of secure Hardware

Today hard drives are insecure by storing Today hard drives are insecure by storing cryptographic keys on a hard drive that cryptographic keys on a hard drive that intruders can access.intruders can access.

User’s passwords, documents, and other User’s passwords, documents, and other information are also unprotected on information are also unprotected on today’s storage. today’s storage.

……Groups of secure HardwareGroups of secure Hardware

With With sealed storage sealed storage the keys are generated the keys are generated using the hardware and the softwareusing the hardware and the software

For example, when you install a email client For example, when you install a email client on a set of hardware a key is generated and on a set of hardware a key is generated and used for the data that is saved and read from used for the data that is saved and read from the email client.the email client.

If a virus is running on the PC it will not be If a virus is running on the PC it will not be able to read the email because the virus and able to read the email because the virus and the hardware combo generate a different key! the hardware combo generate a different key!

……Groups of secure HardwareGroups of secure Hardware

With With remote attestation remote attestation a certificate is generated a certificate is generated in hardware of the software installed and running on in hardware of the software installed and running on a computer.a computer.

This allows software writers to check and ensure that This allows software writers to check and ensure that their software is unmodified and has not been their software is unmodified and has not been hacked. hacked.

Identity of the software is verified with a hash that Identity of the software is verified with a hash that will change if the software has been changed. will change if the software has been changed.

Since the hash is compared to a remote hash the Since the hash is compared to a remote hash the intruder has no way of forging altered software. intruder has no way of forging altered software.

Trusted ComputingTrusted Computing

Not only TC is used for PCs but it is also Not only TC is used for PCs but it is also going to be used for more hardware such going to be used for more hardware such as set top boxes, mobile phones, servers, as set top boxes, mobile phones, servers, storage devices, networks and more.storage devices, networks and more.

Trusted ComputingTrusted Computing

So when will we see TC being used?So when will we see TC being used? For TC to work you have to have For TC to work you have to have

hardware with the TPM, and software to hardware with the TPM, and software to work with the TPM. Windows Vista is the work with the TPM. Windows Vista is the next generation operating system by next generation operating system by Microsoft that will make use of TC, Microsoft that will make use of TC, although Microsoft likes to call it although Microsoft likes to call it Trustworthiness. Trustworthiness.

Trusted ComputingTrusted Computing

So far both AMD and Intel are working So far both AMD and Intel are working on a new processor to use TPM. on a new processor to use TPM.

Well, who would want to use TC? Well, who would want to use TC? So far the computer industry is So far the computer industry is

supporting TC and the Army wants all of supporting TC and the Army wants all of their computers by 2010 to use a secure their computers by 2010 to use a secure model such as TC. model such as TC.

Use of Trusted ComputingUse of Trusted Computing

Other software that uses TC are Other software that uses TC are openTC, EMSCB, Forum for Open SW openTC, EMSCB, Forum for Open SW based TC, Enforcer, Next-Generation based TC, Enforcer, Next-Generation Secure Computing Base (NGSCB), Secure Computing Base (NGSCB), TruoSerS – The open-source TCG TruoSerS – The open-source TCG Software Stack, and Trusted Java. Software Stack, and Trusted Java.

ConclusionConclusion

Trusted Computing is an industry standard Trusted Computing is an industry standard created to protect a user from intruders created to protect a user from intruders and unsafe actions. and unsafe actions.

With Trusted Computing the PC will decide With Trusted Computing the PC will decide who should be trusted and what is safe and who should be trusted and what is safe and unsafe using the Trusted Platform Module. unsafe using the Trusted Platform Module.

By default no one is trusted except the By default no one is trusted except the hardware and the software publishers. Not hardware and the software publishers. Not even the PC users are trusted. TC was even the PC users are trusted. TC was created for our benefits for sure… created for our benefits for sure…

Trusted-Platform-ModuleTrusted-Platform-Module