Security Hardware
CS498IA
Spring 2007

Reading Material
• Magic Boxes and Boots: Security in Hardware, Sean Smith, IEEE Computer
  http://www.cs.dartmouth.edu/~sws/pubs/magic-boxes.pdf
• Security Engineering, Chapter 14: Physical Tamper Resistance
  http://www.cl.cam.ac.uk/~rja14/Papers/SE-14.pdf
• Intel Pentium II Software Developer’s Manual: Volume 3. Sections 4.5 through 4.8
  http://developer.intel.com/design/pentium4/manuals/253668.htm
• TCG Specification Architecture Overview. Section 4 through 4.4.
  https://www.trustedcomputinggroup.org/groups/TCG_1_0_Architecture_Overview.pdf

Motivation
• As CS folks we have concentrated on security abstractions or software implementations
• Judicious use of security specific HW is beneficial
  - Feature Restriction
  - Physical separation
  - Performance benefits

Outline
• Architectural support for security
  - Memory management
  - No execute bits
• Secure co-processors
  - Smart cards
  - Trusted Platform Modules

OS Security
• Reference Monitor: OS mediates accesses to objects, protects them according to policy
• Who protects the operating system?

Memory Management
[Diagram labels: Process, Process2, Virtual Memory, Physical Memory]
• Virtual Memory managed by a page table
• Page Table Entry includes permission flags
  - Read
  - Write
  - (Execute)
• Each process uses different page table

Who watches the watchers?
• Page tables cannot be modified
  - Except in privileged mode
• OS runs in privileged mode, processes run in user mode
• How do you switch between them?
  - Call gates

Call Gate
[Diagram labels: Process Code, call Gate 1, Gate 1 (Address, Privileges), OS code, enter, return]
• Upon call to gate:
  - Raise privilege level
  - Switch to kernel stack (why?)
  - Save process registers
• Upon call gate return
  - Switch to user stack
  - Restore registers
  - Lower privilege level

Memory Protection Rings
• Originally in Multics
• In Intel arch since x386
• Now used for virtualization

Limiting Memory Access Type
• The Pentium architecture supports making pages read-only versus read/write
• A recent development is the Execute Disable Bit (XD-bit)
  - Added in 2001 but only available in systems recently
  - Supported by Windows XP SP2
• Similar functionality in AMD Athlon 64
  - Called No Execute bit (NX-bit)
  - Actually in machines on the market sooner than Intel

Windows Support
• Enabled in Windows XP SP2 as Data Execution Prevention (DEP)
  - Software version if no hardware support
• Check to see if you have the bit
  - Control Panel -> System -> Advanced -> DEP tab

Delay to widespread deployment
• First hardware in 2001
• Wait for OS support
• Wait for vendors willing to sell
• Generally available in 2005

Consider encrypted files
• Each file or directory may be encrypted with a unique key
  - How are the encryption keys stored?
  - Protected by the file system access control?
    • What if system root is compromised?
  - Encrypted by a master key?
    • How is the master key stored?
      - Protected by pass phrase?
        - Then human must be present
        - If multiple users use system, all must know pass phrase
      - Hide it in a good place and hope nobody finds it?

Another solution
• Secure separate storage for root keys
  - Smart card
  - Secure co-processor
• Keys never leave security processor
  - Protocol to send encrypted blob to security processor and return decrypted data
• Tamper resistant
  - Data is destroyed when tampering is detected
  - Prevents sophisticated adversary from pulling secrets from data

Uses of Smart Cards
• Pay TV channels
  - Decryption keys kept on smart card
• GSM SIM cards
  - Keys to authenticate cell phone account
• Pre-pay cards
  - Meters, phones, vending machines, transit, ...
• Crypto material
  - Decryption keys
  - Signatures

Smart Card Security
• History of increasing sophistication of both manufacturers and attackers
  - Memory remanence - “RAM savers”
  - Freezing RAM - temperature sensors
  - Radiation attack - radiation sensors
  - EM noise - shielding
  - Power analysis - power smoothing
  - Micro-drills, micro-probes, optical probing and manipulation - ???
• Defenses make cards more expensive and are prone to false positives

Secure Co-Processors
• Co-located on a server or laptop
  - Prevents secure root information from being accessed by malicious programs on the general CPU
• IBM sells security processors
  - http://www-03.ibm.com/security/cryptocards/
  - http://www.research.ibm.com/journal/sj/403/smith.pdf

Uses of Co-processors
• Copy protection
  - Store software in co-processor
• Secure boot
  - Verify integrity of kernel upon load
• Security services
  - Keep key material locked up
  - Regulate access to other data

Trusted Computing Group
• Consortium developing standards for computer architectures using secure co-processors
  - Called the Trusted Platform Module (TPM)
  - http://trustedcomputinggroup.org
• Numerous computers (particularly laptops) already ship with TPMs
  - http://www.tonymcfadden.net/tpmvendors.html
  - Many vendors targeting specific enterprises like Health Care that are particularly concerned with privacy (due to HIPAA)
  - Supported by Vista/Longhorn

TPM Functions
• Integrity measurement
• Attestation
• Sealed Storage

Integrity measurement
• Verify running software
  - Defeat rootkits
• Report via secure channel
  - Secure display / keyboard support
  - Attestation (see below)
• Hierarchical model

Transitive Trust
[Diagram]

Attestation
• TPM includes a set of public/private keys
  - Issued at manufacture time
• Sign hash of measurement + remote challenge
  - Prove to 3rd party that software is running
• Integrate with session establishment
  - Establish secure channel to the right software

Sealed Storage
• TPM encrypts data with its key
  - Cannot be decrypted if hard drive stolen
• Bind decryption to a particular state
  - Same computer, same application running

TPM DRM example
• Music store wants to sell song X
• Contacts TPM, asks for attestation about the receiver
  - Running authorized player which does not permit copies
  - Running “protected” operating system that disables debugging, memory inspection
• Sends song over secure channel to player
  - Other applications cannot see
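
The Integrity measurement, Transitive Trust and Attestation slides, worked through as an added example that is not part of the original slides: each boot stage is hashed into a PCR-style register, the module signs that register together with the verifier's challenge, and the verifier replays the known-good chain. Assumptions: `ToyTPM`, `measure_chain`, `verify_quote` and the sample chains are hypothetical names and constructed data, SHA-256 is used for the register, and an HMAC under a shared key stands in for the TPM's private-key signature.

```python
import hashlib
import hmac

PCR_INIT = bytes(32)  # register value after reset


def extend(pcr: bytes, component: bytes) -> bytes:
    """Extend: new = SHA-256(old || SHA-256(component)). Order-sensitive, one-way."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure_chain(components) -> bytes:
    """Each stage measures the next before running it (transitive trust)."""
    pcr = PCR_INIT
    for blob in components:
        pcr = extend(pcr, blob)
    return pcr


class ToyTPM:
    """Assumed model: HMAC stands in for the TPM's private-key signature."""

    def __init__(self, key: bytes):
        self._key = key          # never exposed to the host OS
        self.pcr = PCR_INIT

    def boot(self, components):
        self.pcr = measure_chain(components)

    def quote(self, nonce: bytes):
        """Sign hash of measurement + remote challenge."""
        sig = hmac.new(self._key, self.pcr + nonce, hashlib.sha256).digest()
        return self.pcr, sig


def verify_quote(key, nonce, quote, expected_components) -> bool:
    """Verifier side: the signature must cover our fresh nonce, and the
    reported register must equal the replay of the known-good chain."""
    pcr, sig = quote
    good_sig = hmac.new(key, pcr + nonce, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, good_sig):
        return False  # forged quote, or a replayed quote for an older nonce
    return hmac.compare_digest(pcr, measure_chain(expected_components))


# Constructed sample boot chains (placeholder byte strings, not real images).
GOOD_CHAIN = [b"bootloader-v1", b"kernel-v1", b"player-v1"]
ROOTKIT_CHAIN = [b"bootloader-v1", b"kernel-v1+rootkit", b"player-v1"]
```

With a real TPM the verifier holds only the public half of the attestation key, so it can check quotes but cannot forge them; the shared HMAC key here does not have that property.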
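
The Sealed Storage slide ("bind decryption to a particular state"), as an added example that is not part of the original slides: a sealed blob records the register value at seal time, and the module refuses to unseal on a different chip or after a different boot chain. Assumptions: `SealingTPM` and its methods are hypothetical names, the boot components are constructed placeholders, and an HMAC-SHA256 counter keystream stands in for the TPM's real cipher.

```python
import hashlib
import hmac
import os


def extend(pcr, component):
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def _stream_xor(key, data):
    """XOR with an HMAC-SHA256 counter keystream (stand-in cipher, assumed)."""
    stream = b""
    for ctr in range((len(data) + 31) // 32):
        stream += hmac.new(key, ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


class SealingTPM:
    def __init__(self, storage_key=None):
        self._srk = storage_key or os.urandom(32)  # root key never leaves the chip
        self.pcr = bytes(32)

    def boot(self, components):
        self.pcr = bytes(32)
        for blob in components:
            self.pcr = extend(self.pcr, blob)

    def _keys(self, nonce):
        enc = hmac.new(self._srk, b"enc" + nonce, hashlib.sha256).digest()
        mac = hmac.new(self._srk, b"mac" + nonce, hashlib.sha256).digest()
        return enc, mac

    def seal(self, secret):
        nonce = os.urandom(16)  # fresh per blob so the keystream is never reused
        enc_key, mac_key = self._keys(nonce)
        body = nonce + self.pcr + _stream_xor(enc_key, secret)
        return body + hmac.new(mac_key, body, hashlib.sha256).digest()

    def unseal(self, blob):
        body, tag = blob[:-32], blob[-32:]
        nonce, required_pcr, ct = body[:16], body[16:48], body[48:]
        enc_key, mac_key = self._keys(nonce)
        want = hmac.new(mac_key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, want):
            raise PermissionError("blob not sealed by this TPM, or modified")
        if not hmac.compare_digest(required_pcr, self.pcr):
            raise PermissionError("platform state differs from seal time")
        return _stream_xor(enc_key, ct)
```

A stolen hard drive carries only the blob; without the chip's storage key the authentication check fails, and on the right chip a modified kernel changes the register and fails the state check.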