Computer Security module October 2008 Mark D. Ryan HP Labs, Bristol University of Birmingham Trusted Platform Module (TPM) introduction.

Slides:



Advertisements
Similar presentations
Peer-to-Peer Access Control Architecture Using Trusted Computing Technology Ravi Sandhu and Xinwen Zhang George Mason University SACMAT05, June 1--3, 2005,
Advertisements

Confidential 1 Phoenix Security Architecture and DevID July 2005 Karen Zelenko Phoenix Technologies.
Eran Tromer Slides credit: Dan Boneh, Stanford course CS155
Trusted Platform Module
Rambling on the Private Data Security
Re-envisioning of the TPM
Vpn-info.com.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 3 02/14/2010 Security and Privacy in Cloud Computing.
 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.
Hardware Security: Trusted Platform Module Amir Houmansadr CS660: Advanced Information Assurance Spring 2015 Content may be borrowed from other resources.
1 Minimal TCB Code Execution Jonathan McCune, Bryan Parno, Adrian Perrig, Michael Reiter, and Arvind Seshadri Carnegie Mellon University May 22, 2007.
1 Bootstrapping Trust in a “Trusted” Platform Carnegie Mellon University November 11, 2008 Bryan Parno.
CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.
Enforcement of Security Policy Compliance in Virtual Private Networks Prof. José Carlos Brustoloni Dept. Computer Science University of Pittsburgh
Trusted Disk Loading in the Emulab Network Testbed Cody Cutler, Mike Hibler, Eric Eide, Rob Ricci 1.
Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.
Trusted Platform Modules: Building a Trusted Software Stack and Remote Attestation Dane Brandon, Hardeep Uppal CSE551 University of Washington.
Trusted Computing Initiative Beyond trustworthy. Trusted Computing  Five Key Concepts >Endorsement Key >Secure Input and Output >Memory Curtain / Protected.
SEC316: BitLocker™ Drive Encryption
Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Three.
Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture notes.
Trusted Computing Platform Alliance – Introduction and Technical Overview – Joe Pato HP Labs MIT 6.805/ October 2002.
TCG: Trusted Computing Group CS 155 Spring 2007 Dan Boneh.
File System and Full Volume Encryption Sachin Patel CSE 590TU 3/9/2006.
Free, online, technical courses Take a free online course. Microsoft Virtual Academy.
Trusted Computing BY: Sam Ranjbari Billy J. Garcia.
Trusted Computing Platform Alliance
SODA Archiving October 2013
Trusted Computing Or How I Learned to Stop Worrying and Love the MPAA.
TCG: Trusted Computing Group CS 155 Spring Background TCG consortium. Founded in 1999 as TCPA. Main players (promotors): (>200 members) AMD, HP,
Cosc 4765 Trusted Platform Module. What is TPM The TPM hardware along with its supporting software and firmware provides the platform root of trust. –It.
An Introduction to Trusted Platform Technology Siani Pearson Hewlett Packard Laboratories, UK
Trusted Computing and the Trusted Platform Module Bruce Maggs (with some slides from Bryan Parno)
(ITI310) By Eng. BASSEM ALSAID SESSION 2: Server Configuration & Administration Notes SAT 31-Oct-2015.
Trusted Infrastructure Xiaolong Wang, Xinming Ou Based on Dr. Andrew Martin’s slides from TIW 2013.
Digital Rights Management and Trusted Computing Kari Kostiainen T Special Course in Operating System Security April 13 th 2007.
Trusted Computing and the Trusted Platform Module Bruce Maggs (with some slides from Bryan Parno)
1 Information Security – Theory vs. Reality , Winter Lecture 12: Trusted computing architecture (cont.), Eran Tromer Slides credit:
TCG: Trusted Computing Group Dan Boneh CS 155 Spring 2006.
What is BitLocker and How Does It Work? Steve Lamb IT Pro Evangelist, Microsoft Ltd
Trusted Computing and SGX
Systems Architecture Microsoft BitLocker -> securing data on mobile devices Johannes Marotzke
Computer Security module October 2009 Mark D. Ryan University of Birmingham Trusted Platform Module (TPM) introduction.
Presented by Mert Çetin
Trusted Computing and the Trusted Platform Module
Trusted Infrastructure
Protecting Network Equipment
Hardware security: The use of a Trusted Platform Module
e-Health Platform End 2 End encryption
Trusted Computing and the Trusted Platform Module
Outline What does the OS protect? Authentication for operating systems
PV204 Security technologies
Sami Alsouri Özgür Dagdelen Stefan Katzenbeisser
Outline What does the OS protect? Authentication for operating systems
TERRA Authored by: Garfinkel, Pfaff, Chow, Rosenblum, and Boneh
Innovations for Grid Security from Trusted Computing
Building hardware-based security with a Trusted Platform Module (TPM)
Assignment #7 – Solutions
User-mode Secret Protection (SP) architecture
Lecture 4 - Cryptography
Formal Analysis and Applications of Direct Anonymous Attestation
TPM, UEFI, Trusted Boot, Secure Boot
Aimee Coughlin, Greg Cusack, Jack Wampler, Eric Keller, Eric Wustrow
Erica Burch Jesse Forrest
Bruce Maggs (with some slides from Bryan Parno)
Bruce Maggs (with some slides from Bryan Parno)
Presentation transcript:

Computer Security module October 2008 Mark D. Ryan HP Labs, Bristol University of Birmingham Trusted Platform Module (TPM) introduction

The Trusted Computing Group ● An industry consortium including – Microsoft, HP, Dell, Sony, Lenovo, Toshiba, Vodafone, Seagate,... – (about 160 organisations in total) ● Main output is Trusted Platform Module spec – The specification is publicly available – The TPM is a passive device (it does not monitor or prohibit anything; just performs actions if asked) – It is mandated to be opt-in, not opt-out – It includes privacy-enabling functionality

The Trusted Platform Module A hardware chip currently included in 100M laptops –HP, Dell, Sony, Lenovo, Toshiba... –Soldered onto the motherboard, on the LPC bus –HP alone ships 1M TPM-enabled laptops each month Specified by the Trusted Computing Group –An industry consortium that includes Intel, HP, Microsoft, AMD, IBM, Sun, Lenovo.... and 130 other members Manufactured by many companies –Atmel, Broadcom, Infineon, Sinosun, STMicroelectronics, and Winbond Supporting software to be rolled out over the next few years –MS BitLocker is the only mainstream application so far

TPM functionality Platform integrity reporting –“Measurement” and reporting of integrity of platform; may include measurement of BIOS, disk MBR, boot sector, operating system and application software Platform authentication –Creation of attestation identity keys (AIK), with anonymity guarantees (DAA) Secure storage – Creation of RSA keys (with private part known only to the TPM)‏ – Encryption and decryption of user data with those keys

TPM architecture Hash engine Processor RSA key generation RSA signing and encryption Random number generator Endorsement Key Storage Root Key Loaded keys Platform configuration registers Volatile memory Non-volatile memory

Secure storage – Keys are created with TPM_CreateWrapKey ● Passwords (known as “authdata”) are specified for each key ● Keys are arranged in a tree hierarchy ● The TPM returns the created key as a blob; the secret parts are encrypted with the parent key – The function TPM_Seal encrypts data ● It also “seals” it to specified PCR values ● The command returns the sealed blob ● The sealed blob is protected by another piece of authdata, specified at the seal time

TPM command message flow (abstract view) TPMUser process TPM_CreateWrapKey( keyinfo ) keyblob TPM_LoadKey2( keyblob )‏ handle TPM_Seal( handle, data )‏ sealedblob “Sealing” means encrypting and binding ro PCRs

TPM_CreateWrapKey in more detail TPMUser process Ne', keyBlob hmac(K; Ne', No)‏ TPM_OSAP( parentKeyHandle, NoOSAP )‏ authHandle, Ne, NeOSAP K = hmac( parentKeyAuth ; NeOSAP, NoOSAP ) ‏ hmac( K ; encAuth, keyInfo, Ne, No )‏ TPM_CreateWrapKey( parentKeyHandle, encAuth, keyInfo, authHandle, No )‏ parentKeyAut h

TPM_LoadKey2 in more detail TPMUser process Ne', keyBlob hmac( parentKeyAuth ; Ne', No)‏ TPM_OIAP( )‏ authHandle, Ne hmac( parentKeyAuth ; wrappedKey, Ne, No )‏ TPM_LoadKey2( parentKeyHandle, wrappedKey, authHandle, No )‏ parentKeyAut h

TPM authData To each TPM object or resource is associated an authData value –A 160-bit shared secret between user process and TPM –Think of it as a password that has to be cited to use the object or resource‏ authData may be a weak (guessable) secret –May be based on a user-chosen password; e.g. in Microsoft Bitlocker. The TPM resists online guessing attacks of weak authdata by locking out a user that repeatedly tries wrong guesses –Details are left to manufacturer

Platform measurement ● The TPM has 24 Platform Configuration Registers (PCRs) – Used to record platform configuration – x is a “measurement” of some part of the platform – TPM_Extend(p,x) “stores” the value x on the PCR p – This means: p := SHA1( p || x) – p contains a proof of the record of the values that have been extended into it.

Core root of trust for measurement

Platform integrity reporting ● TPM_Quote returns a signature (using a TPM key) on the PCR p. ● A remote party can use that to be convinced of the integrity of the platform ● The key used is an attestation identity key (AIK), that has a certificate demonstrating that it is a real TPM key.

Attestation using a Privacy CA PCA User process { Cert PCA (AIK) } K { K, AIK } EK TPM_MakeIdentity( )‏ AIK EK AIK TPM TPM_ActivateIdentity( { K, AIK } EK )‏ K

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.