trustedcomputing_securityfromgroundup
TRANSCRIPT
![Page 1: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/1.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 1/88
Tr usted ComputingSecurity from the ground up
Danny Fullerton – 2011/11/04
![Page 2: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/2.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 2/88
Why I used to hate TC
![Page 3: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/3.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 3/88
Palladium ®
![Page 4: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/4.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 4/88
a chip soldered to our motherboard
![Page 5: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/5.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 5/88
all of your actions had to be approved by Microsoft ®
![Page 6: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/6.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 6/88
I was some kind of frustrated liberal punk...
![Page 7: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/7.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 7/88
… there’s no way I’ve could accept this
![Page 8: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/8.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 8/88
I’ve decided to fight this however I’ve could:
![Page 9: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/9.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 9/88
tell everyone how this would affect us
![Page 10: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/10.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 10/88
swore to never buy a motherboard with this chip
![Page 11: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/11.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 11/88
…and learn about it
![Page 12: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/12.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 12/88
How I came to love TC
![Page 13: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/13.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 13/88
Trusted Computing != Palladium
![Page 14: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/14.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 14/88
it has very interesting security properties
![Page 15: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/15.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 15/88
breaks the status quo
Hackfest 2010 – Broken by Design
No comments on the background
![Page 16: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/16.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 16/88
well, I’m still a liberal punk but *paranoiac* too
![Page 17: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/17.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 17/88
What went wrong?
![Page 18: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/18.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 18/88
My guess :
Trusted Computing is a disruptive innovation
I just didn't understood the technology
![Page 19: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/19.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 19/88
What is it?
![Page 20: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/20.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 20/88
![Page 21: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/21.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 21/88
Protection objectives
![Page 22: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/22.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 22/88
software based attack
open case
sophisticated local attack
High :
Medium :
Low :
![Page 23: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/23.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 23/88
The basic idea
![Page 24: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/24.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 24/88
We cannot trust the entire platform…
![Page 25: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/25.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 25/88
…but only a very small part of it
![Page 26: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/26.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 26/88
…and build a chain of trust
![Page 27: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/27.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 27/88
Root of Trust for Measurements
+Trusted Platform Module
Not entirely true since we have to trust the MLE, and the hardware.
![Page 28: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/28.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 28/88
Core Root Of Trust for Measurements
MCH
CPU
TPMICH
Memory
BIOS
Bios Boot
Block
![Page 29: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/29.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 29/88
Tr usted P latform Module
![Page 30: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/30.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 30/88
secure
I/O
Endorsement Key (EK)
Storage Root Key (SRK)
processor
persistent memory volatile memory
Execution engine
Typical TPM
RSA
engine
SHA1hash
engine
RSA key
generator
RandomNumber
Generator
Prog
CodeOpt-in
Attestation
Identity
Keys (AIK)
LoadedKeys
Opt-in
Platform Configuration
Registers (PRC)
![Page 31: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/31.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 31/88
secure
I/Oprocessor
Execution engine
Orchestrator: receive request and dispatch
RSA
engine
RSA key
generator
RandomNumber
Generator
Prog
CodeOpt-in
Endorsement Key (EK)
Storage Root Key (SRK)
persistent memory volatile memory
SHA1hash
engine
Attestation
Identity
Keys (AIK)
LoadedKeys
Opt-in
Platform Configuration
Registers (PRC)
![Page 32: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/32.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 32/88
processor
Execution engine
Implement the specs: validation, execute request, respond
secure
I/O
RSA
engine
RSA key
generator
RandomNumber
Generator
Opt-inProg
Code
Endorsement Key (EK)
Storage Root Key (SRK)
persistent memory volatile memory
SHA1hash
engine
Attestation
Identity
Keys (AIK)
LoadedKeys
Opt-in
Platform Configuration
Registers (PRC)
![Page 33: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/33.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 33/88
processor
Execution engine
Create good random data for symmetric, asymmetric, nonce
secure
I/O
RSA
engine
RSA key
generator
Prog
CodeOpt-in
RandomNumber
Generator
Endorsement Key (EK)
Storage Root Key (SRK)
persistent memory volatile memory
SHA1hash
engine
Attestation
Identity
Keys (AIK)
LoadedKeys
Opt-in
Platform Configuration
Registers (PRC)
![Page 34: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/34.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 34/88
processor
Execution engine
Securely create RSA key pairs: public, private
secure
I/O
RSA
engine
RandomNumber
Generator
Prog
CodeOpt-in
RSA key
generator
Endorsement Key (EK)
Storage Root Key (SRK)
persistent memory volatile memory
SHA1hash
engine
Attestation
Identity
Keys (AIK)
LoadedKeys
Opt-in
Platform Configuration
Registers (PRC)
![Page 35: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/35.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 35/88
processor
Execution engine
RSA encryption, decryption, signature, verification
secure
I/O
RSA key
generator
RandomNumber
Generator
Prog
CodeOpt-in
Endorsement Key (EK)
Storage Root Key (SRK)
persistent memory volatile memory
SHA1hash
engine
Attestation
Identity
Keys (AIK)
LoadedKeys
Opt-in
Platform Configuration
Registers (PRC)
RSA
engine
![Page 36: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/36.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 36/88
processor
Execution engine
Authorization values, HMAC, etc
secure
I/O
RSA
engine
RSA key
generator
RandomNumber
Generator
Prog
CodeOpt-in
Endorsement Key (EK)
Storage Root Key (SRK)
persistent memory volatile memory
SHA1hash
engine
Attestation
Identity
Keys (AIK)
LoadedKeys
Opt-in
Platform Configuration
Registers (PRC)
![Page 37: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/37.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 37/88
processor
Execution engine
Keep track of internal state: sessions, etc
secure
I/O
RSA
engine
RSA key
generator
RandomNumber
Generator
Prog
CodeOpt-in
Endorsement Key (EK)
Storage Root Key (SRK)
persistent memory volatile memory
SHA1hash
engine
Attestation
Identity
Keys (AIK)
LoadedKeys
Opt-in
Platform Configuration
Registers (PRC)
![Page 38: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/38.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 38/88
processor
Execution engine
Power cycle resistant memory
secure
I/O
RSA
engine
RSA key
generator
RandomNumber
Generator
Prog
CodeOpt-in
Endorsement Key (EK)
Storage Root Key (SRK)
persistent memory volatile memory
SHA1hash
engine
Attestation
Identity
Keys (AIK)
LoadedKeys
Opt-in
Platform Configuration
Registers (PRC)
![Page 39: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/39.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 39/88
RSA
engine
RSA key
generator
RandomNumber
Generator
processor
Execution engine
Prog
Code
Enforce user’s choice
secure
I/O
Opt-in
Endorsement Key (EK)
Storage Root Key (SRK)
persistent memory volatile memory
SHA1hash
engine
Attestation
Identity
Keys (AIK)
LoadedKeys
Opt-in
Platform Configuration
Registers (PRC)
![Page 40: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/40.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 40/88
at purchase time, TPMs are not operational
![Page 41: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/41.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 41/88
processor
Execution engine
Root of all storage keys
secure
I/O
RSA
engine
RSA key
generator
RandomNumber
Generator
Prog
CodeOpt-in
Endorsement Key (EK)
Storage Root Key (SRK)
persistent memory volatile memory
SHA1hash
engine
Attestation
Identity
Keys (AIK)
LoadedKeys
Opt-in
Platform Configuration
Registers (PRC)
![Page 42: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/42.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 42/88
created when owner activate the TPM
![Page 43: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/43.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 43/88
used to create secure key trees
![Page 44: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/44.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 44/88
provide, virtually, unlimited secure storage
Storage Root Keyinside
![Page 45: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/45.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 45/88
Storage Root Key
Storage KeyUser1
Binding Key
Signing Key
Storage KeyUser2
Binding Key
Signing Key
the TPM
outsidethe TPM
The actual structure is malleable and can be very different.
![Page 46: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/46.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 46/88
Processor
Execution engine
TCG specifications assertion
Secured
I/O
RSA
engine
RSA key
generator
RandomNumber
Generator
Prog
CodeOpt-in
Endorsement Key (EK)
Storage Root Key (SRK)
persistent memory volatile memory
SHA1hash
engine
Attestation
IdentityKeys (AIK)
LoadedKeys
Opt-in
Platform Configuration
Registers (PRC)
![Page 47: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/47.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 47/88
endorsement certificate sign by the TPM manufacturer
![Page 48: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/48.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 48/88
uniquely identify the platform
![Page 49: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/49.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 49/88
privacy concerns
![Page 50: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/50.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 50/88
well yes… but no
![Page 51: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/51.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 51/88
EK is only used in conjunction with something else
![Page 52: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/52.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 52/88
Processor
Execution engine
Some kind of privacy protector
SecuredI/O
RSA
engine
RSA key
generator
RandomNumber
Generator
Prog
CodeOpt-in
Endorsement Key (EK)
Storage Root Key (SRK)
persistent memory volatile memory
SHA1hash
engine
LoadedKeys
Opt-in
Platform Configuration
Registers (PRC)
Attestation
IdentityKeys (AIK)
![Page 53: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/53.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 53/88
privacy CA
challengeryou
mutual trust of the CA – signed AIK satisfy challenger
Privacy
EK
AIK
![Page 54: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/54.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 54/88
What if collusion arise?
Privacy
privacy CA
challengeryou AIK
EK
![Page 55: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/55.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 55/88
Direct Anonymous Attestation (DAA)
![Page 56: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/56.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 56/88
Zero Knowledge Proof
S S
![Page 57: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/57.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 57/88
Processor
Execution engine
Store system measurements: SHA-1 hash
SecuredI/O
RSA
engine
RSA key
generator
RandomNumber
Generator
Prog
CodeOpt-in
Endorsement Key (EK)
Storage Root Key (SRK)
persistent memory volatile memory
SHA1hash
engine
Attestation
IdentityKeys (AIK)
Loaded
Keys
Opt-in
Platform Configuration
Registers (PRC)
![Page 58: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/58.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 58/88
Static Root of Trust for Measurements (SRTM)
L h ti t
![Page 59: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/59.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 59/88
TPM
CRTMBIOSROM
BIOSFLASH
BootLoader
OSKernel …
PCR 0
PCR 1
PCR 2
PCR 3
PCR 4
…
Boot process and PCRs attribution not accurate (highly simplified).
pass execution:
3
2
1
Launch time measurements
store measurement:
measurement:
![Page 60: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/60.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 60/88
one PCR can be used to measure multiple elements
![Page 61: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/61.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 61/88
TPM_Extend()
PCR = hash( old value, new value )
0xAAAA = hash( 0x0000, 0x1111 )0xBBBB = hash( 0xAAAA, 0x2222 )0xCCCC = hash( 0xBBBB, 0x3333 )
0x0000 = boot()
![Page 62: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/62.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 62/88
TPM doesn’t act upon PCRs
![Page 63: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/63.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 63/88
PCRs are stored whether they’re bad or good
![Page 64: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/64.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 64/88
Dynamic Root of Trust for Measurements (DRTM)
Late launch measurements
![Page 65: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/65.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 65/88
TPMICH
P C R 1
8
P C R 1
9
…
P C R 1
7
Late launch measurements
measurement:
MCH
CPU
SMX
store measurement:
Memory
OSKernel
…
pass execution:
Process not accurate (highly simplified).
Late launch measurements
![Page 66: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/66.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 66/88
Late launch measurements
MCH
CPUSMX
Process not accurate (highly simplified).
TPMICH
P C R 1
8
P C R 1
9
…
P C R 1
7
measurement:
store measurement:
Memory
OSKernel
…
pass execution:
Late launch measurements
![Page 67: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/67.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 67/88
Late launch measurements
MCH
CPUSMX
Process not accurate (highly simplified).
TPMICH
P C R 1
8
P C R 1
9
…
P C R 1
7
measurement:
store measurement:
Memory
OSKernel
…
pass execution:
![Page 68: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/68.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 68/88
Security Enhancements
![Page 69: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/69.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 69/88
RTM – Root of Trust for MeasurementCRTM + TPM (SRTM) || SMX + TPM (DRTM)
Measurements
![Page 70: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/70.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 70/88
Sealed storage
TPM Seal(): Encrypt data to a specific environment
![Page 71: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/71.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 71/88
TPM
data
_ () yp p
encrypteddata
PCR X: f56b7e4d5e065214afa5cc8b86897d7a4cbffb14
PCR Y: 7cb06027e87e7d848d8576d8fef5f76256f41cee
PCR Z: 38464bf083d958b53580c63c01e56707fd043588
TPM Unseal(): Decrypt if a specific environment is active
![Page 72: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/72.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 72/88
TPM
encrypteddata
PCR xPCR y
_ () yp p
PCR z
data
PCR X: f56b7e4d5e065214afa5cc8b86897d7a4cbffb14
PCR Y: 7cb06027e87e7d848d8576d8fef5f76256f41cee
PCR Z: 38464bf083d958b53580c63c01e56707fd043588
![Page 73: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/73.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 73/88
Detect malwareKeylogger / Meterpreter / KonBootRootkits (user/kernel, MBR, BIOS)
Protect dataKeys, BitLocker, etc
manipulate confidential db
![Page 74: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/74.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 74/88
Time
block I/O unblock I/O
DRTM
measurement
TPM_unseal db key erase db key
A t t a c k
S u r f a c e
manipulate confidential db
![Page 75: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/75.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 75/88
Time
block I/O unblock I/O
DRTM
measurement
TPM_unseal db key erase db key
A t t a c k
S u r f a c e
attack
![Page 76: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/76.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 76/88
Remote Attestation
TPM_Quote(): Sign PCRs with AIK
![Page 77: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/77.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 77/88
TPM
AIK
PCR x
PCR y
PCR zPCR x
PCR y
PCR z
AIK signature
AttestationRSA
engine
![Page 78: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/78.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 78/88
Strong Network Access Control (NAC)Trusted Network Connect
![Page 79: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/79.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 79/88
assess the security of a kiosk with your mobile device
![Page 80: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/80.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 80/88
Conclusion
![Page 81: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/81.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 81/88
a TPM is a passive device
![Page 82: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/82.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 82/88
it cannot take over your platform by itself
![Page 83: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/83.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 83/88
at this point, there’s no battle about
keeping our freedom / rights
![Page 84: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/84.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 84/88
Trusted Computing is a tool…
![Page 85: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/85.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 85/88
…nothing else
![Page 86: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/86.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 86/88
…and it’s about time we start using it
![Page 87: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/87.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 87/88
Thanks!
![Page 88: TrustedComputing_SecurityFromGroundUp](https://reader031.vdocument.in/reader031/viewer/2022012919/577d24841a28ab4e1e9ca2c9/html5/thumbnails/88.jpg)
8/3/2019 TrustedComputing_SecurityFromGroundUp
http://slidepdf.com/reader/full/trustedcomputingsecurityfromgroundup 88/88