Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Security module October 2008 Mark D. Ryan HP Labs, Bristol University of Birmingham Trusted Platform Module (TPM) introduction.

Published bySheryl Walton Modified over 7 years ago

Similar presentations

Presentation on theme: "Computer Security module October 2008 Mark D. Ryan HP Labs, Bristol University of Birmingham Trusted Platform Module (TPM) introduction."— Presentation transcript:

1 Computer Security module October 2008 Mark D. Ryan HP Labs, Bristol University of Birmingham Trusted Platform Module (TPM) introduction

2 The Trusted Computing Group ● An industry consortium including – Microsoft, HP, Dell, Sony, Lenovo, Toshiba, Vodafone, Seagate,... – (about 160 organisations in total) ● Main output is Trusted Platform Module spec – The specification is publicly available – The TPM is a passive device (it does not monitor or prohibit anything; just performs actions if asked) – It is mandated to be opt-in, not opt-out – It includes privacy-enabling functionality

3 The Trusted Platform Module A hardware chip currently included in 100M laptops –HP, Dell, Sony, Lenovo, Toshiba... –Soldered onto the motherboard, on the LPC bus –HP alone ships 1M TPM-enabled laptops each month Specified by the Trusted Computing Group –An industry consortium that includes Intel, HP, Microsoft, AMD, IBM, Sun, Lenovo.... and 130 other members Manufactured by many companies –Atmel, Broadcom, Infineon, Sinosun, STMicroelectronics, and Winbond Supporting software to be rolled out over the next few years –MS BitLocker is the only mainstream application so far

4 TPM functionality Platform integrity reporting –“Measurement” and reporting of integrity of platform; may include measurement of BIOS, disk MBR, boot sector, operating system and application software Platform authentication –Creation of attestation identity keys (AIK), with anonymity guarantees (DAA) Secure storage – Creation of RSA keys (with private part known only to the TPM)‏ – Encryption and decryption of user data with those keys

5 TPM architecture Hash engine Processor RSA key generation RSA signing and encryption Random number generator Endorsement Key Storage Root Key Loaded keys Platform configuration registers Volatile memory Non-volatile memory

6 Secure storage – Keys are created with TPM_CreateWrapKey ● Passwords (known as “authdata”) are specified for each key ● Keys are arranged in a tree hierarchy ● The TPM returns the created key as a blob; the secret parts are encrypted with the parent key – The function TPM_Seal encrypts data ● It also “seals” it to specified PCR values ● The command returns the sealed blob ● The sealed blob is protected by another piece of authdata, specified at the seal time

7 TPM command message flow (abstract view) TPMUser process TPM_CreateWrapKey( keyinfo ) keyblob TPM_LoadKey2( keyblob )‏ handle TPM_Seal( handle, data )‏ sealedblob “Sealing” means encrypting and binding ro PCRs

8 TPM_CreateWrapKey in more detail TPMUser process Ne', keyBlob hmac(K; Ne', No)‏ TPM_OSAP( parentKeyHandle, NoOSAP )‏ authHandle, Ne, NeOSAP K = hmac( parentKeyAuth ; NeOSAP, NoOSAP ) ‏ hmac( K ; encAuth, keyInfo, Ne, No )‏ TPM_CreateWrapKey( parentKeyHandle, encAuth, keyInfo, authHandle, No )‏ parentKeyAut h

9 TPM_LoadKey2 in more detail TPMUser process Ne', keyBlob hmac( parentKeyAuth ; Ne', No)‏ TPM_OIAP( )‏ authHandle, Ne hmac( parentKeyAuth ; wrappedKey, Ne, No )‏ TPM_LoadKey2( parentKeyHandle, wrappedKey, authHandle, No )‏ parentKeyAut h

10 TPM authData To each TPM object or resource is associated an authData value –A 160-bit shared secret between user process and TPM –Think of it as a password that has to be cited to use the object or resource‏ authData may be a weak (guessable) secret –May be based on a user-chosen password; e.g. in Microsoft Bitlocker. The TPM resists online guessing attacks of weak authdata by locking out a user that repeatedly tries wrong guesses –Details are left to manufacturer

11 Platform measurement ● The TPM has 24 Platform Configuration Registers (PCRs) – Used to record platform configuration – x is a “measurement” of some part of the platform – TPM_Extend(p,x) “stores” the value x on the PCR p – This means: p := SHA1( p || x) – p contains a proof of the record of the values that have been extended into it.

12 Core root of trust for measurement

13 Platform integrity reporting ● TPM_Quote returns a signature (using a TPM key) on the PCR p. ● A remote party can use that to be convinced of the integrity of the platform ● The key used is an attestation identity key (AIK), that has a certificate demonstrating that it is a real TPM key.

14 Attestation using a Privacy CA PCA User process { Cert PCA (AIK) } K { K, AIK } EK TPM_MakeIdentity( )‏ AIK EK AIK TPM TPM_ActivateIdentity( { K, AIK } EK )‏ K

Download ppt "Computer Security module October 2008 Mark D. Ryan HP Labs, Bristol University of Birmingham Trusted Platform Module (TPM) introduction."

Similar presentations

Peer-to-Peer Access Control Architecture Using Trusted Computing Technology Ravi Sandhu and Xinwen Zhang George Mason University SACMAT05, June 1--3, 2005,

Peer-to-Peer Access Control Architecture Using Trusted Computing Technology Ravi Sandhu and Xinwen Zhang George Mason University SACMAT05, June 1--3, 2005,
Confidential 1 Phoenix Security Architecture and DevID July 2005 Karen Zelenko Phoenix Technologies.

Confidential 1 Phoenix Security Architecture and DevID July 2005 Karen Zelenko Phoenix Technologies.
Eran Tromer Slides credit: Dan Boneh, Stanford course CS155

Eran Tromer Slides credit: Dan Boneh, Stanford course CS155
Trusted Platform Module

Trusted Platform Module
Rambling on the Private Data Security

Rambling on the Private Data Security
Re-envisioning of the TPM

Re-envisioning of the TPM
Vpn-info.com.

Vpn-info.com.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Ragib Hasan Johns Hopkins University en.600.412 Spring 2011 Lecture 3 02/14/2010 Security and Privacy in Cloud Computing.

Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 3 02/14/2010 Security and Privacy in Cloud Computing.
 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.

 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.
Hardware Security: Trusted Platform Module Amir Houmansadr CS660: Advanced Information Assurance Spring 2015 Content may be borrowed from other resources.

Hardware Security: Trusted Platform Module Amir Houmansadr CS660: Advanced Information Assurance Spring 2015 Content may be borrowed from other resources.
1 Minimal TCB Code Execution Jonathan McCune, Bryan Parno, Adrian Perrig, Michael Reiter, and Arvind Seshadri Carnegie Mellon University May 22, 2007.

1 Minimal TCB Code Execution Jonathan McCune, Bryan Parno, Adrian Perrig, Michael Reiter, and Arvind Seshadri Carnegie Mellon University May 22, 2007.
1 Bootstrapping Trust in a “Trusted” Platform Carnegie Mellon University November 11, 2008 Bryan Parno.

1 Bootstrapping Trust in a “Trusted” Platform Carnegie Mellon University November 11, 2008 Bryan Parno.
CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.
Enforcement of Security Policy Compliance in Virtual Private Networks Prof. José Carlos Brustoloni Dept. Computer Science University of Pittsburgh

Enforcement of Security Policy Compliance in Virtual Private Networks Prof. José Carlos Brustoloni Dept. Computer Science University of Pittsburgh
Trusted Disk Loading in the Emulab Network Testbed Cody Cutler, Mike Hibler, Eric Eide, Rob Ricci 1.

Trusted Disk Loading in the Emulab Network Testbed Cody Cutler, Mike Hibler, Eric Eide, Rob Ricci 1.
Ragib Hasan Johns Hopkins University en.600.412 Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.

Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.
Trusted Platform Modules: Building a Trusted Software Stack and Remote Attestation Dane Brandon, Hardeep Uppal CSE551 University of Washington.

Trusted Platform Modules: Building a Trusted Software Stack and Remote Attestation Dane Brandon, Hardeep Uppal CSE551 University of Washington.
Trusted Computing Initiative Beyond trustworthy. Trusted Computing  Five Key Concepts >Endorsement Key >Secure Input and Output >Memory Curtain / Protected.

Trusted Computing Initiative Beyond trustworthy. Trusted Computing  Five Key Concepts >Endorsement Key >Secure Input and Output >Memory Curtain / Protected.
SEC316: BitLocker™ Drive Encryption

SEC316: BitLocker™ Drive Encryption

Similar presentations

Ads by Google