Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
1
CSCS-- 6910: Advanced Computer and 6910: Advanced Computer and
Information Security (ACIS)Information Security (ACIS)
Trusted Computing GroupTrusted Computing Group
ByBy
SubhashiniSubhashini PulimamidiPulimamidi
Department of Computer ScienceDepartment of Computer Science
Western Michigan UniversityWestern Michigan University
Instructor: Prof. Instructor: Prof. LeszekLeszek T. T. LilienLilien
2
What is TCG ?What is TCG ?
�� Trusted Computing Group (TCG) is an industry Trusted Computing Group (TCG) is an industry standards organization with the aim of standards organization with the aim of enhancing the security and trustworthiness of enhancing the security and trustworthiness of the computing environment in disparate the computing environment in disparate computer platforms.computer platforms.
�� The main component of the TCG proposal is The main component of the TCG proposal is the Trusted Platform Module (TPM) which the Trusted Platform Module (TPM) which provides cryptographic functions.provides cryptographic functions.
3
GoalGoal
� The Trusted Computing Group (TCG) publishes specifications defining architectures, functions and interfaces that provide a baseline for a wide variety of computing platform implementations.
� Additionally, the TCG publishes specifications describing specific platform implementations such as the Personal Computer, Personal Digital Assistants (PDA), Cellular telephones and other computing equipment.
4
ContdContd……
� Platforms based on the TCG specifications are expected to meet functional and reliability standards that allow increased assurance of trust.
� The TCG will publish evaluation criteria and platform specific profiles that may be used as a common yard stick for evaluating devices incorporating TCG technology.
5
TCG ArchitectureTCG Architecture
6
Trusted Platform FeaturesTrusted Platform Features
Trust is the expectation that a device will Trust is the expectation that a device will
behave in a particular manner for a specific behave in a particular manner for a specific
purpose.purpose.
A trusted platform should provide at least A trusted platform should provide at least
three basic features.three basic features.
1.1. Protected CapabilitiesProtected Capabilities
2.2. Integrity MeasurementIntegrity Measurement
3.3. Integrity ReportingIntegrity Reporting
7
Protected CapabilitiesProtected Capabilities
�� Protected capabilities are a set of commands Protected capabilities are a set of commands
with exclusive permission to access shielded with exclusive permission to access shielded
locations.locations.
�� The TPM (Trusted Platform Module) The TPM (Trusted Platform Module)
implements protected capabilities and shielded implements protected capabilities and shielded
locations used to protect and report integrity locations used to protect and report integrity
measurements.measurements.
�� The TPM also stores cryptographic keys used to The TPM also stores cryptographic keys used to
authenticate reported measurements.authenticate reported measurements.
8
AttestationAttestation
� Attestation is the process of vouching for the accuracy of information. External entities can attest to shielded locations, protected capabilities, and Roots of Trust.
� A platform can attest to its description of platform characteristics that affect the integrity (trustworthiness) of a platform.
� All forms of attestation require reliable evidence of the attesting entity.
9
Integrity Measurement, Storage and Integrity Measurement, Storage and
ReportingReporting
� Integrity Measurement is the process of
obtaining metrics of platform characteristics that
affect the integrity (trustworthiness) of a
platform , storing those metrics; and putting
digests of those metrics in PCRs (Platform
Configuration Registers).
� The starting point of measurement is called the
root of trust for measurement.
10
ContdContd……
�� An intermediate step between integrity An intermediate step between integrity
measurement and integrity reporting is called measurement and integrity reporting is called
integrity storageintegrity storage..
�� In this step integrity metrics are stored in a log In this step integrity metrics are stored in a log
and digests of those metrics are stored in and digests of those metrics are stored in PCRPCR’’ss
(Platform Configuration Registers).(Platform Configuration Registers).
�� Integrity ReportingIntegrity Reporting is the process of attesting to is the process of attesting to
the contents of integrity storage.the contents of integrity storage.
11
TPM ArchitectureTPM Architecture
12
TPM ComponentsTPM Components
�� Input/outputInput/output (I/O) (I/O) manages information flow
over the communications bus.
� It performs protocol encoding/decoding
suitable for communication over external and
internal buses.
� It routes messages to appropriate components.
13
ContdContd……
� Non-volatile storage is used to store Endorsement Key (EK), Storage Root Key (SRK), owner authorization data and persistent flags.
� Attestation Identity Keys must be persistent, but it is recommended that AIK keys be stored as Blobs in persistent external storage (outside the TPM), rather than stored permanently inside TPM non-volatile storage.
14
ContdContd……
� Program code contains firmware for measuring
platform devices.
� Logically, this is the Core Root of Trust for
Measurement (CRTM). Ideally, the CRTM is
contained in the TPM, but implementation
decisions may require it be located in other
firmware.
15
ContdContd……
� The TPM contains a true random-bit generator
used to seed random number generation. The
RNG is used for key generation.
� A Sha-1 message digest engine is used for
computing signatures.
16
ContdContd……
� The RSA engine is used for signing with signing keys, encryption/decryption with storage keys, and decryption with the EK.
� The Opt-In component implements TCG policy requiring TPM modules are shipped in the state the customer desires.
� This ranges from disabled and deactivated to fully enabled; ready for an owner to take possession.
� The Execution engine runs program code. It performs TPM initialization and measurement taking.
17
Trusted PlatformTrusted Platform
�� Roots of trust are the components which have Roots of trust are the components which have
at least the minimum functionality to describe at least the minimum functionality to describe
the platform characteristics the effect the the platform characteristics the effect the
trustworthiness of the platform.trustworthiness of the platform.
�� There are three roots of trust in a trusted There are three roots of trust in a trusted
platform which are RTM, RTS and RTR.platform which are RTM, RTS and RTR.
18
ContdContd……
�� Root of trust for measurement (RTM) Root of trust for measurement (RTM) is a computing engine capable of making inherently reliable integrity measurements.
� Root of trust for storage (RTS) is a computing engine capable of maintaining an accurate summary of values of integrity digests and the sequence of digests.
� Root of trust for reporting (RTR) is a computing engine capable of reliably reporting information held by the RTS.
19
Integrity Reporting ProtocolIntegrity Reporting Protocol
20
ContdContd……
Attestation protocol consists of several steps:
1. A Challenger requests one or more PCR values
from a platform.
2. An agent on the platform containing a TPM,
collects SML entries.
3. The Platform Agent receives PCR values from
the TPM.
21
ContdContd……
4. The TPM signs PCR values using an AIK.
5. The Platform Agent collects credentials that vouch for the TPM. The signed PCR value, SML entries and Credentials are returned to the Challenger.
6. The Challenger verifies the request. The measurement digest is computed and compared with PCR value. The platform credentials are evaluated and signatures checked.
22
TCG Usage ScenariosTCG Usage Scenarios
�� Risk ManagementRisk Management
�� Asset ManagementAsset Management
�� EE--commercecommerce
�� Security Monitoring and Emergency ResponseSecurity Monitoring and Emergency Response
23
Conclusions for Conclusions for OPPNetsOPPNets
�� If the nodes of If the nodes of oppnetsoppnets are TCG compliant are TCG compliant
then the trustworthiness of those platforms then the trustworthiness of those platforms
increases.increases.
24
ReferencesReferences
�� TCG specification architecture overviewTCG specification architecture overview
� Ahmad-Reza Sadeghi, Marcel Selhorst, Christian St ¨uble, Christian
Wachsmann, and Marcel Winandy. TCG inside?- A note on TPM
specification compliance.
http://delivery.acm.org.libproxy.library.wmich.edu/10.1145/1180000/11794
87/p47sadeghi.pdf?key1=1179487&key2=6009363611&coll=portal&dl=AC
M&CFID=6237415&CFTOKEN=27623902