
16/11/2011

Trusted Computing

Or

How I Learned to Stop Worrying and Love (or Hate) the MPAA

Trusted Computing
 Overview of TCP
 How it works
   Intel LaGrande Technology (LT)
   AMD’s Secure Execution Mode (SEM)
   Microsoft NGSCB (Palladium)
 Uses
 Issues


Trusted Computing – ‘Initial’ Motivation
 TC was intended for DRM
 Limits the abuse of file sharing over the network
 Prevents making illegal copies without authorization from the vendor
 Restricts users’ computing actions

Trusted Computing – ‘Current’ Motivation
 “For years, Bill Gates has dreamed of finding a way to make the Chinese pay for software: TC looks like being the answer to his prayer.” – Ross Anderson
 TC extends well beyond DRM: it gives computers more authority over their users


Trusted Computing Fundamental Concepts
 Software runs and communicates securely over applications and servers
 Uses a “locked-down” architecture
 Hardware-level cryptographic keys for encryption and authentication
 Tamper-resistant
 Seals secure data within curtained memory
 I/O communication paths are encrypted

Trusted Computing - Overview



Trusted Computing
 The computer should be expected to behave the way we want and do what we want, securely
 Any trusted platform has the following three fundamental features:
   Protected Capabilities
   Integrity Capabilities
   Integrity Reporting


Trusted Computing Group
 TCG formed by industry leaders
 Open standards for trustworthy computing
 Provides hardware and software security to combat several types of threats
 Moving towards PDAs, omnipresence

Features of Trusted Computers


 For business
 Licensing
 DRM
 For Users
 Anti-hacker
 Anti-virus
 Backwards compatible
 Can be turned off


LaGrande
 Intel’s hardware implementation
 Based on Arbaugh’s secure bootstrap
 Runs parallel to normal architecture
 Uses hash values for modification detection
 Operates in several different parts of the chipset

LaGrande – Secure Bootstrap
 Higher abstraction layers are only as secure as the lower layers
 Trusted CPU, chipset, and boot ROM
 Each layer verifies the hash of the next layer before execution
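
The verify-before-execute chain on this slide, as an added Python sketch (not from the original slides, and not Arbaugh's or Intel's code). Each image embeds the SHA-1 of the next one and only the first hash sits in the trusted boot ROM; the layer names and image layout are constructed for illustration.

```python
import hashlib

HASH_LEN = 20  # SHA-1 digest length
PAYLOADS = [b"BIOS", b"OS loader", b"OS kernel"]  # constructed sample layers

def build_chain(payloads):
    """Build images back to front: image = payload + SHA-1 of the next image."""
    images, next_hash = [], bytes(HASH_LEN)  # the last layer has no successor
    for payload in reversed(payloads):
        image = payload + next_hash
        images.insert(0, image)
        next_hash = hashlib.sha1(image).digest()
    return images, next_hash  # hash of the first image, kept in the boot ROM

def secure_boot(images, root_hash):
    """Check each layer before running it; return how many layers ran."""
    expected = root_hash
    for index, image in enumerate(images):
        if hashlib.sha1(image).digest() != expected:
            return index  # halt: this layer failed modification detection
        expected = image[-HASH_LEN:]  # verified, so its embedded hash is trusted
    return len(images)

def tamper_and_rehash(images, new_payload):
    """Swap the last layer and also patch the hash stored in the layer before it."""
    forged = list(images)
    forged[-1] = new_payload + bytes(HASH_LEN)
    forged[-2] = forged[-2][:-HASH_LEN] + hashlib.sha1(forged[-1]).digest()
    return forged

if __name__ == "__main__":
    images, root = build_chain(PAYLOADS)
    print("clean boot, layers run:", secure_boot(images, root))
    modified = images[:2] + [b"modified kernel" + bytes(HASH_LEN)]
    print("modified kernel, layers run:", secure_boot(modified, root))
    forged = tamper_and_rehash(images, b"modified kernel")
    print("kernel and stored hash changed, layers run:", secure_boot(forged, root))
```

Patching the stored hash only moves the failure one layer down, which is why the chain is no stronger than the immutable root at the bottom.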


[Figure: integrity measurement chain. Boxes: Hardware, Option ROMs, Memory, BIOS boot block, BIOS, OS loader, OS, Application, Network, New OS Component, TPM. Labels: Root of trust in integrity measurement; Root of trust in integrity reporting; measuring, reporting, storing values, logging methods.]


LaGrande – Protected Environment
 Built on top of secure bootstrap architecture
 Instruction set extensions to create protected processor partition
 Extensions to create protected software stack
 Trusted platform module (TPM) verifies conditions
 Changes to I/O controller, memory controller, graphics controller, and CPU


LaGrande
 Separate execution space
 Separate memory space
 Secure mouse/keyboard
 Secure graphics

NGSCB
 Software side of TC
 Domain Manager aka Nexus
 Sealed Storage
 Remote Attestation


NGSCB – Architecture
 Two primary system components in NGSCB
   Nexus
     Special kernel (core of the trusted operating)
     Goal: isolate normal-mode and trusted-mode processes from each other in memory
     Functionality: authenticate and protect data (entered, stored, communicated, and displayed) by encrypting it
   Nexus Computing Agent (NCA)

NGSCB - Nexus Computing Agent (NCA)
 Trusted software component
 Runs in trusted mode and communicates with the Nexus
 NCA specifications are open source
 Developers can make their own agents to run on the trusted platform


NGSCB – Architecture

NGSCB – Nexus
 Security kernel, authenticated on boot
 Authenticates trusted programs
 Application interface to TPM
 Does not trust OS


NGSCB – Computing Environment Overview
 NGSCB operates two operating systems in ONE system
 Two Modes:
   Normal Mode vs. Trusted Mode
 Normal Mode:
   Unprotected environment
   Same as our current Windows series
   Fully controlled by the users
 Trusted Mode:
   Protected environment
   Users have no authority to modify, delete, or copy ANY content.
   Implements TC in both hardware and software
   Fully controlled by the computer


NGSCB – Operating Environments
 Microsoft claimed: “Only an NGSCB trusted application, NCA, can run securely within the protected operating environment.”
 NCA - Defined by software developers
 Policies
 Security authentication
 Security authorization


NGSCB – Features
 Strong Process Isolation
 Sealed Storage
 Attestation
 Secured Path to the user

NGSCB – Strong Process Isolation
 Isolates the protected and non-protected operating environments, which are stored in the same memory
 Blocks Direct Memory Access (DMA) devices from reading or writing secured blocks of memory
 Blocks access by malicious code
 Claimed: “no illegitimate access will occur in the protected environment”


NGSCB – Sealed Storage
 Encrypts data on storage device
 Key is not stored on storage device
 Hash of creating program stored with file
 TPM only decrypts for program that passes modification detection
 Decrypted only with same TPM / same program
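
The sealing rules on this slide, as an added Python model (not from the original slides and not a real TPM or NGSCB API). The key derivation and the toy stream cipher are constructed stand-ins for the chip's real key hierarchy and encryption; the class, method and sample names are assumptions.

```python
import hashlib
import hmac

class SealingTPM:
    """Constructed model of a chip whose secret never leaves it (not a real TPM API)."""

    def __init__(self, chip_secret: bytes):
        self._secret = chip_secret

    def _keys(self, program_hash: bytes):
        # Keys depend on this chip AND the program hash; they are never stored on disk.
        enc = hmac.new(self._secret, b"enc" + program_hash, hashlib.sha256).digest()
        mac = hmac.new(self._secret, b"mac" + program_hash, hashlib.sha256).digest()
        return enc, mac

    @staticmethod
    def _xor_stream(key: bytes, data: bytes) -> bytes:
        # Toy stream cipher (SHA-256 in counter mode) standing in for real encryption.
        stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                          for i in range(len(data) // 32 + 1))
        return bytes(a ^ b for a, b in zip(data, stream))

    def seal(self, data: bytes, program: bytes) -> dict:
        program_hash = hashlib.sha1(program).digest()  # stored with the file
        enc, mac = self._keys(program_hash)
        cipher = self._xor_stream(enc, data)
        tag = hmac.new(mac, program_hash + cipher, hashlib.sha256).digest()
        return {"program_hash": program_hash, "cipher": cipher, "tag": tag}

    def unseal(self, blob: dict, running_program: bytes) -> bytes:
        if hashlib.sha1(running_program).digest() != blob["program_hash"]:
            raise PermissionError("program failed modification detection")
        enc, mac = self._keys(blob["program_hash"])
        tag = hmac.new(mac, blob["program_hash"] + blob["cipher"], hashlib.sha256).digest()
        if not hmac.compare_digest(tag, blob["tag"]):
            raise PermissionError("wrong TPM or altered blob")
        return self._xor_stream(enc, blob["cipher"])

if __name__ == "__main__":
    player = b"media player v1.0"  # constructed sample program image
    tpm = SealingTPM(b"secret fused into chip A")
    blob = tpm.seal(b"licensed song", player)
    print(tpm.unseal(blob, player))
```

Rewriting the stored program hash does not help a modified program: the keys are derived from that hash inside the chip, so the integrity tag no longer verifies.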

NGSCB - Remote Attestation
 Communicate hashes of secure programs for remote verification of modification detection
 Ensures that client software functions as intended
 Kazaa vs. MPAA/RIAA
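
Measurement, logging and reporting (the integrity measurement figure earlier) and the remote check described on this slide, as one added Python model (not from the original slides and not a real TPM API). The HMAC is a constructed stand-in for the TPM's RSA signature, and the component names and known-good list are assumptions.

```python
import hashlib
import hmac

def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM 1.2-style extend: new PCR = SHA-1(old PCR || measurement digest)."""
    return hashlib.sha1(pcr + digest).digest()

class MeasuringTPM:
    """Constructed model (not a real TPM API); HMAC stands in for the RSA signature."""

    def __init__(self, attestation_key: bytes):
        self._key, self.pcr = attestation_key, bytes(20)

    def measure(self, component: bytes) -> bytes:
        digest = hashlib.sha1(component).digest()
        self.pcr = extend(self.pcr, digest)  # can only be extended, never set
        return digest                        # the caller appends this to its log

    def quote(self, nonce: bytes):
        return self.pcr, hmac.new(self._key, nonce + self.pcr, hashlib.sha1).digest()

def verify(key, nonce, pcr, signature, log, known_good) -> str:
    """Remote verifier: check the quote, replay the log, then judge the software."""
    expected = hmac.new(key, nonce + pcr, hashlib.sha1).digest()
    if not hmac.compare_digest(expected, signature):
        return "bad signature or stale nonce"
    replayed = bytes(20)
    for digest in log:
        replayed = extend(replayed, digest)
    if replayed != pcr:
        return "log does not match PCR"
    if any(digest not in known_good for digest in log):
        return "unknown software"
    return "trusted"

def attest(stack, key, nonce, known_good) -> str:
    """Boot `stack` on a fresh TPM, measuring each component, then attest it."""
    tpm = MeasuringTPM(key)
    log = [tpm.measure(component) for component in stack]
    pcr, signature = tpm.quote(nonce)
    return verify(key, nonce, pcr, signature, log, known_good)

GOOD_STACK = [b"BIOS", b"OS loader", b"Nexus", b"client 1.0"]  # constructed sample
KNOWN_GOOD = {hashlib.sha1(c).digest() for c in GOOD_STACK}
```

A modified client either shows up in the log as unknown software or, if the log is rewritten to hide it, the replayed log no longer matches the signed PCR.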


NGSCB – Secured Path to the User
 Ensures that information remains secure as it passes through the input/output devices
 Encrypts the input/output to create a secure path
 Protects the computer from:
   Keystroke recording

NGSCB – Hardware
 Need to upgrade current hardware devices: mouse/keyboard/USB devices/video adapter
 Input: upgrade to USB devices: smart cards, biometrics, others
 Output: upgrade to a graphics adapter that prevents reads/writes to video memory


Trusted Platform Module (TPM)
 Cryptographic operations
   Hashing: SHA-1, HMAC
   Random number generator
   Asymmetric key generation: RSA (512, 1024, 2048)
   Asymmetric encryption/decryption: RSA
   Symmetric encryption/decryption: DES, 3DES (AES)
 Tamper resistant (hash and key) storage
[Figure: TPM block diagram. Blocks: Asymmetric key generation, Signing and encryption, Random number generator, Hash, HMAC, I/O, Processor, Memory, Non-volatile memory.]

Uses
 Remote banking, business-to-business e-commerce, and online auctioning
 Corporate networking, document sharing
 Cheat-proof gaming enforcement
 Secure data storage
 Personal privacy protection, data management, and record keeping
 Shared computing and secure transactions
 Secure home computing
 Government agencies that require a high level of security and trust
 Software license enforcement
 Copyright enforcement


Issues
 GPL
 Who is in control – owners, MS, or content providers?
 Assumptions – hardware modifications possible
 Censorship
References
 Trusted Computing: Promise and Risk, http://www.eff.org/Infra/trusted_computing/20031001_tc.php
 http://www.microsoft.com/resources/ngscb
 Ross Anderson’s site, http://www.cl.cam.ac.uk/~rja14/
 Anderson’s Patent
 Arbaugh Paper
 Inside Intel's Secretive 'LaGrande' Project, http://www.extremetech.com/print_article/0,3998,a=107418,00.asp
 http://www.intel.com/technology/security/
 http://www.microsoft.com/whdc/winhec/pres03.mspx
