Trusted Platform Modules: Building a Trusted Software Stack and Remote Attestation Dane Brandon, Hardeep Uppal CSE551 University of Washington.

Slides:

Advertisements

Similar presentations

Confidential 1 Phoenix Security Architecture and DevID July 2005 Karen Zelenko Phoenix Technologies.

Advertisements

Eran Tromer Slides credit: Dan Boneh, Stanford course CS155

Trusted Platform Module

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Re-envisioning of the TPM

1 Trusted Systems in Networking Infrastructure Rafael Mantilla Montalvo Cisco Systems June 2013.

Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 3 02/14/2010 Security and Privacy in Cloud Computing.

 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.

The Attestation Mechanism in Trusted Computing. A Simple Remote Attestation Protocol Platform TPM Verifier Application A generates PK A & SK A 2) computes.

Analysis of Remote Attestation Lavina Jain, Jayesh Vyas.

 Max Planck Institute for Software Systems Towards trusted cloud computing Nuno Santos, Krishna P. Gummadi, and Rodrigo Rodrigues MPI-SWS.

 Researchers subverted a botnet’s command and control infrastructure (proxy bots) o Modified its spam messages to point to the Web server under researcher.

1 Minimal TCB Code Execution Jonathan McCune, Bryan Parno, Adrian Perrig, Michael Reiter, and Arvind Seshadri Carnegie Mellon University May 22, 2007.

1 Bootstrapping Trust in a “Trusted” Platform Carnegie Mellon University November 11, 2008 Bryan Parno.

Systems and Internet Infrastructure Security (SIIS) LaboratoryPage Systems and Internet Infrastructure Security Network and Security Research Center Department.

CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.

Using Secure Coprocessors to Protect Access to Enterprise Networks Dr. José Carlos Brustoloni Dept. Computer Science University of Pittsburgh

Enforcement of Security Policy Compliance in Virtual Private Networks Prof. José Carlos Brustoloni Dept. Computer Science University of Pittsburgh

Trusted Disk Loading in the Emulab Network Testbed Cody Cutler, Mike Hibler, Eric Eide, Rob Ricci 1.

Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.

Trusted Computing Initiative Beyond trustworthy. Trusted Computing  Five Key Concepts >Endorsement Key >Secure Input and Output >Memory Curtain / Protected.

SEC316: BitLocker™ Drive Encryption

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Three.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture notes.

Trusted Computing Platform Alliance – Introduction and Technical Overview – Joe Pato HP Labs MIT 6.805/ October 2002.

TCG: Trusted Computing Group CS 155 Spring 2007 Dan Boneh.

1 Modeling and Analysis of Networked Secure Systems with Application to Trusted Computing Jason Franklin Joint work with Deepak Garg, Dilsun Kaynar, and.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Five –

File System and Full Volume Encryption Sachin Patel CSE 590TU 3/9/2006.

Trusted Computing BY: Sam Ranjbari Billy J. Garcia.

Trusted Computing Platform Alliance

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Extending user controlled security domain.

TCG: Trusted Computing Group CS 155 Spring Background TCG consortium. Founded in 1999 as TCPA. Main players (promotors): (>200 members) AMD, HP,

Senior Project Ideas: Blind Communication & Internet Measurements Mehmet H. Gunes.

Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.

Introduction to Public Key Infrastructure January 2004 CSG Meeting Jim Jokl.

Cosc 4765 Trusted Platform Module. What is TPM The TPM hardware along with its supporting software and firmware provides the platform root of trust. –It.

Initial Tiger Team Briefing New Dells with TPM Peter Leight Richard Hammer May 2006.

出處 :2010 2nd International Conference on Signal Processing Systems (ICSPS) 作者 :Zhidong Shen 、 Qiang Tong 演講者 : 碩研資管一甲吳俊逸.

Virtual Workspaces Kate Keahey Argonne National Laboratory.

Reducing Trust Domain with TXT Daniel De Graaf. TXT overview Original TPM – Static Root of Trust – BIOS, all boot ROMs, bootloader, hypervisor, OS TPM.

An Introduction to Trusted Platform Technology Siani Pearson Hewlett Packard Laboratories, UK

Authentication Issues and Solutions CSCI 5857: Encoding and Encryption.

Trusted Computing and the Trusted Platform Module Bruce Maggs (with some slides from Bryan Parno)

Security Using PGP - Prajakta Bahekar. Importance of Security is one of the most widely used network service on Computer Currently .

Trusted Infrastructure Xiaolong Wang, Xinming Ou Based on Dr. Andrew Martin’s slides from TIW 2013.

Trusted Platform Module as Security Enabler for Cloud Infrastructure as a Service (IaaS). Gregory T. Hoffer CS7323 – Research Seminar (Dr. Qi Tian)

Trusted Computing and the Trusted Platform Module Bruce Maggs (with some slides from Bryan Parno)

1 Information Security – Theory vs. Reality , Winter Lecture 12: Trusted computing architecture (cont.), Eran Tromer Slides credit:

TCG: Trusted Computing Group Dan Boneh CS 155 Spring 2006.

What is BitLocker and How Does It Work? Steve Lamb IT Pro Evangelist, Microsoft Ltd

Trusted Computing and SGX

Prof. Reuven Aviv, Nov 2013 Public Key Infrastructure1 Prof. Reuven Aviv Tel Hai Academic College Department of Computer Science Public Key Infrastructure.

Computer Security module October 2008 Mark D. Ryan HP Labs, Bristol University of Birmingham Trusted Platform Module (TPM) introduction.

Computer Security module October 2009 Mark D. Ryan University of Birmingham Trusted Platform Module (TPM) introduction.

Web Applications Security Cryptography 1

Trusted Computing and the Trusted Platform Module

Trusted Infrastructure

Trusted Computing and the Trusted Platform Module

Outline What does the OS protect? Authentication for operating systems

PV204 Security technologies

Outline What does the OS protect? Authentication for operating systems

TERRA Authored by: Garfinkel, Pfaff, Chow, Rosenblum, and Boneh

Assignment #7 – Solutions

Bruce Maggs (with some slides from Bryan Parno)

Bruce Maggs (with some slides from Bryan Parno)

Presentation transcript:

Trusted Platform Modules: Building a Trusted Software Stack and Remote Attestation Dane Brandon, Hardeep Uppal CSE551 University of Washington

Overview Motivation Trusted Computing and Trusted Platform Modules (TPM) Trusted Software Stacks Attestation Measurements Future Work and Conclusion

Motivation An End to the Middle ◦ Our ongoing research. ◦ Networked computers and trust. ◦ How can we validate a computer? ◦ Even with a password, can we trust they are who they say they are? Hardware offers a potential solution…

Trusted Computing and TPMs Trusted Computing Group ◦ Spec for TPM and trusted software stack. TPM - Hardware chip on most new business laptops and some other PCs. ◦ Dell Latitude, Lenovo ThinkPad, etc… Offers some help that software can’t. NOT protection against physical attacks.

TPM Functionality

Persistent memory ◦ Endorsement key (EK)  Permanent private unique key ◦ Storage Root Key (SRK)  Encrypts other keys, data with pub key out to disk. Volatile memory ◦ Platform Configuration Registers (PCR) ◦ Attestation identity keys ◦ Storage keys

TPM Functionality Crypto-processor ◦ RSA key generator ◦ Random number generator ◦ Encryption / decryption ◦ SHA-1 hash and append  PCRs are append only.  PCR[i] = SHA-1(PCR[i] | new value)

Trusted Software Stacks Core root of trust for measurement (CRTM). ◦ Boot block in BIOS. Never changes. Chain of trust. ◦ Each software component measures the next. ◦ Append measurements to PCRs. TrustedGRUB TrouSerS (TSS API)

Trusted Software Stacks

Attestation We have a snapshot of state which can be signed. How do we deliver it? We can’t just send it over… ◦ Replay attacks

Attestation We have a snapshot of state which can be signed. How do we deliver it? We can’t just send it over… ◦ Replay attacks

Attestation Use a nonce ◦ When request to join comes, challenge with a random number. ◦ Append to PCRs and sign. Funky fresh. Note: Measurements only represent state immediately after boot. ◦ No guarantees of events after boot! Still need to prove that the TPM is a TPM Certificate Authority ◦ Validate TPM

Attestation AIK EK AIK Privacy CA Trusted Nodes New Node Manf. Cert. PCA Cert.

Attestation AIK EK AIK Privacy CA Trusted Nodes New Node Manf. Cert. PCA Cert.

Attestation AIK EK AIK Privacy CA Trusted Nodes New Node Manf. Cert. PCA Cert.

Attestation AIK EK AIK Privacy CA Trusted Nodes New Node Manf. Cert. PCA Cert.

Attestation AIK EK AIK Privacy CA Trusted Nodes New Node Manf. Cert. PCA Cert.

Attestation ? AIK EK Challenge! AIK Privacy CA Trusted Nodes New Node Manf. Cert. PCA Cert.

Attestation 02895… AIK EK AIK Privacy CA Trusted Nodes New Node Manf. Cert. PCA Cert.

Attestation 10110… AIK EK AIK Append nonce and sign PCRs with priv_AIK Privacy CA Trusted Nodes New Node Manf. Cert. PCA Cert.

Attestation 10110… AIK EK AIK Privacy CA Trusted Nodes New Node Manf. Cert. PCA Cert.

Attestation AIK EK AIK 10110… AIK Privacy CA Trusted Nodes New Node Manf. Cert. PCA Cert.

Attestation AIK EK AIK 10110… AIK Privacy CA Trusted Nodes New Node Manf. Cert. PCA Cert.

Attestation AIK EK AIK 10110… AIK Verify bits match: SHA-1(expected PCRs | nonce) SUCCESS! Privacy CA Trusted Nodes New Node Manf. Cert. PCA Cert.

Measurements Verify PCR values change

Measurements Time in seconds Extends are fast Creating keys is very slow Load and sign, not too bad…

Future Work Create a privacy CA. Implement complete attestation process and benchmark major components. Put Xen in the middle of the chain of trust. Add trusted software stack to ETTM project.

Conclusion TPMs show promise. Building a trusted software stack is possible with open-source software. Time cost not negligible, but reasonable. Hardware should get better. Need more software support.

Other Thoughts Lots of laptops have TPMs, no one uses them. TrustedGRUB has extra lines of code. We didn’t write them. The Dell Latitude e5400 is garbage. ◦ Two thumbs down!