Trusted ComputingIntroductionPIIDescartes (1641)The Matrix?InterestTrust in other softwareTrust in youImplicationsTrusted Computing InitiativesFoundation of TrustSlide 12Trusted Computing Platform AllianceTrusted Platform Module (TPM) v1.1PC Specific block diagram of TCGSecure storage in TPMAdditional operation: UnbindTypes of keysEncryption AlgorithmsSelf testsSelf test procedureTarget of evaluation (TOE)T.ExportT.ReplayTPM Block diagramSoftwareNext-Generation Secure Computing Base for WindowsNGSCBMicrosoft on applicationsFeatures described by MicrosoftMemory CurtainingSecure I/OSecure StorageDo you have control?Remote AttestationAdvantagesProblemsMore problemsInteroperabilityDigital Rights ManagementLinks between DRM and NGSCBComputer User as AdversaryTroubling implicationsRelated LegislationHollings BillSlide 46Why TCG?Importance of Open SourceWill it work for us?Limiting the ScopeThe Law and Economics of Reverse EngineeringInteroperability DebateOpen Source Software Projects as User Innovation Networksvon Hippel’s Resultsvon Hippel’s Results continuedConclusionLessonsThe Battle has begun!Trusted ComputingChandana Praneeth WanigasekeraIntroduction•jetBlue•The need for systems that can be trusted•Embedding Privacy Policy into the applications that use Sensitive Information•Credit card machinesPII•You can still retain control•Expiration•Remote destruction with little effort by the corporation who has the data•Force privacy policiesDescartes (1641)•Meditations on First Philosophy•Can we trust our senses?•What if everything we experience is a delusion created by an evil demon bent on deceiving us?The Matrix?Interest•This is a question that has been weighing on Several computer companies•How do you know that your computer is actually what it seems? •Hackers and imitative programs•Sensitive information, keystrokes and complete controlTrust in other software•How can one program running on your computer trust another one?•What if the operating system has been subverted•Anti Virus•How would you warn the user?Trust in you•Movie studios, recording companies, Health care providers [ legitimate right ]•Some information is given based on trust in you•Do you have control?•Real issues–Viruses–Trojans–Spyware–P2P networksImplications•Implications for a P3P client•Alterations of policy•Lack of enforcement•Advantages of a trusted client and a trusted website component•Many implications on privacy of sensitive informationTrusted Computing Initiatives•Trusted Computing Platform Alliance•Trusted Computing Group•Microsoft, Intel, IBM, HP, AMD•Hardware + Software•Attempt to build a trusted platformFoundation of Trust•Descartes•“A secure reliable bootstrap architecture” (1997)•Bill Arbaugh, Dave Farber, Jonathan Smith•Booting a machine into a known state•Early PC’s – ROM BIOS and no HDD•Digital Rights Management OS Patent by Microsoft•Paul England (Secure PC team leader)Foundation of TrustPre boot•Ultimate aim is to end up in a known state•Need for a core root of trust moduleCore Root of TrustPost bootKnown StateTrusted Computing Platform Alliance•Mission“Through the collaboration of HW, SW, communications, and technology vendors, drive and implement TCPA specifications for an enhanced HW and OS based trusted computing platform that implements trust into client, server, networking, and communication platforms.” •Replaced by Trusted Computing Group, but the TCPA specification was adopted by TCG as their specification.•Patent licensing policy of TCG, all new work•Compaq, HP, IBM, Intel, MicrosoftTrusted Platform Module (TPM) v1.1•The TPM is a collection of hardware, firmware and/or software that support the following protocols and algorithms:Algorithms: RSA, SHA-1, HMACRandom number generationKey generationSelf Tests•The TPM provides storage for an unlimited number of private keys or other data using RSAPC Specific block diagram of TCGSecure storage in TPM•Seal and Unseal which are simply front-ends to RSA encrypt and decrypt•But sealing encrypts the platform configuration register (PCR) values with the data. Unique identifier tpmProof.•Conditions for unsealing data–Appropriate key is available–TPM PCR’s must contain the same values as during sealing (implicit key in PCR’s)–tpmProof must be the same as during encryption•Allows software to state the future configuration the platform must be for unsealing.Additional operation: Unbind•Unbind decrypts a “blob” created outside the TPM where the private key is stored inside the TPM.•A blob is data + header information encrypted. •Seal jet Blue customer data–Can only be decrypted on the same platform–Removes the possibility of data being accessed by different machinesTypes of keys•Storage Root Key – one for each TPM created at the request of the owner, migratable, unmigratable data•Signing keys – leaves of the storage root key hierarchy•Storage keys – used for the protected storage hierarchy only and Binding keys•Identity keys – used for TPM identity•Endorsement key pair – asymmetric key pair generated by or inserted in the TPM as proof that it is genuine.–One to one relationship between TPM and endorsement key–One to one relationship between TPM and platform–Endorsement key and platformEncryption Algorithms•RSA algorithm (must)•RSA key sizes of 512, 1024, and 2048 bits.•The RSA public exponent must be e, where e = 216+1•TPM storage keys must be equivalent to a 2048 bit RSA key•Secure Hash Algorithm (SHA) -1 hash algorithm(160 bits) – used in the early stages of the boot process (more complicated later?)•RSA for signature and verification•RNG capabilities -> only accessible to TPM commands•Key generation capabilities -> protected by a private key held in a shielded locationSelf tests•Checks RNG•Checks Integrity Registers•Checks integrity of endorsement key pair by making it sign and verify a known value•Self checks the TPM microcode•Checks Tamper-resistance markers•On failure the part that failed enters shut down modeSelf test procedureTarget of evaluation (TOE)•The new version of TCG will have TPM as a monitoring module and doesn’t actually control the boot process•Hardware, software and firmware that comprise the TPM•Identifies threats to the TOE: T.Attack, T.Bypass, T.Imperson, T.Malfunction etc….•Each threat is explained and the objective