Presentation is loading. Please wait.

Presentation is loading. Please wait.

Bootstrapping Trust in Commodity Computers Bryan Parno, Jonathan McCune, Adrian Perrig 1 Carnegie Mellon University.

Published byEvangeline Holland Modified over 9 years ago

Similar presentations

Presentation on theme: "Bootstrapping Trust in Commodity Computers Bryan Parno, Jonathan McCune, Adrian Perrig 1 Carnegie Mellon University."— Presentation transcript:

1 Bootstrapping Trust in Commodity Computers Bryan Parno, Jonathan McCune, Adrian Perrig 1 Carnegie Mellon University

2 2 A Travel Story

3 Trust is Critical 3 Will I regret having done this?

4 Bootstrapping Trust What F will this machine compute? 4 F X Alice Y Alice Y Other X Other Bootstrapping Trust: What F will this machine compute? Software Engineering & Programming Languages: Is F what the programmer intended? Does program P compute F?

5 H( ) ^ Bootstrapping Trust is Hard! 5 OS App 1 App 1 App 2 App 2 App 3 App 3 App 4 App 4 App N App N Module 1 Module 3 Module 2 Module 4 App 5 App 5 Challenges: Hardware assurance Ephemeral software User Interaction Safe? Yes! S 1 ( ) S 2 ( ) S 3 ( ) S 4 ( ) S 5 ( ) S 6 ( ) S 7 ( ) S 8 ( ) S 9 ( ) S 10 ( ) S 11 ( ) S 12 ( ) S 13 ( ) S 14 ( ) S 15 ( )

6 Evil App Evil App Evil OS Evil OS Bootstrapping Trust is Hard! 6 Challenges: Hardware assurance Ephemeral software User Interaction Safe? Yes!

7 In the paper… 7 Bootstrapping foundations Transmitting bootstrap data Interpretation Validation Applications Human factors Limitations Future directions … and much more! What do we need to know? How can we use it locally? How can we use it remotely? How do we interpret it? What serves as a foundation of trust? How can we validate the bootstrapping? Applications Human factors Limitations Future directions

8 1) Establish Trust in Hardware Hardware is durable Establish trust via: – Trust in the manufacturer – Physical security 8 Open Question: Can we do better?

9 2) Establish Trust in Software 9 OS App 1 App 1 App N App N … Software is ephemeral We care about the software currently in control Many properties matter: – Proper control flow – Type safety – Correct information flow … Which property matters most?

10 A Simple Thought Experiment Imagine a perfect algorithm for analyzing control flow – Guarantees a program always follows intended control flow Does this suffice to bootstrap trust? 10 No! P Respects control flow Type Safe We want code identity

11 What is Code Identity? An attempt to capture the behavior of a program Current state of the art is the collection of: – Program binary – Program libraries – Program configuration files – Initial inputs Often condensed into a hash of the above 11 Function f Inputs to f Attempt to capture the f computed by a program Current state of the art is the collection of: – Program binary – Program libraries – Program configuration files – Program inputs Often condensed into a hash of the above

12 Code Identity as Trust Foundation From code identity, you may be able to infer: – Proper control flow – Type safety – Correct information flow … Reverse is not true! 12

13 What Can Code Identity Do For You? 13 Research applications Commercial applications Thwart insider attacks Protect passwords Create a Trusted Third Party Secure the boot process Count-limit objects Improve security of network protocols Secure disk encryption (e.g., Bitlocker) Improve network access control Secure boot on mobile phones Validate cloud computing platforms

14 14 Establishing Code Identity [Gasser et al. ‘89], [Arbaugh et al. ‘97], [Sailer et al. ‘04], [Marchesini et al. ‘04],… F X Alice X Other Y Alice Y Other

15 15 Establishing Code Identity [Gasser et al. ‘89], [Arbaugh et al. ‘97], [Sailer et al. ‘04], [Marchesini et al. ‘04],… X Alice X Other f1f1 f2f2 fNfN Y Alice Y Other …

16 Software N Software N Software N-1 Software N-1 Software 1 Software 1 Establishing Code Identity 16... ? Root of Trust Chain of Trust [Gasser et al. ‘89], [Arbaugh et al. ‘97], [Sailer et al. ‘04], [Marchesini et al. ‘04],…

17 Software N Software N Software N-1 Software N-1 Software 1 Software 1 Trusted Boot: Recording Code Identity 17... Root of Trust SW 1 SW 1 SW N SW N SW N-1 SW N-1 SW 2 SW 2 [Gasser et al. ’89], [England et al. ‘03], [Sailer et al. ‘04],…

18 Attestation: Conveying Records to an External Entity 18 Software N Software N Software N-1 Software N-1 Software 1 Software 1... SW 1 SW 1 SW N SW N SW N-1 SW N-1 SW 2 SW 2 [Gasser et al. ‘89], [Arbaugh et al. ‘97], [England et al. ‘03], [Sailer et al. ’04]… random # Sign ( ) K priv random # SW 1 SW 1 SW 2 SW 2 SW N-1 SW N-1 SW N SW N Controls K priv

19 Interpreting Code Identity 19 BIOS Bootloader Drivers 1…N App 1…N OS Option ROMs [Gasser et al. ‘89], [Sailer et al. ‘04] Traditional [Marchesini et al. ‘04], [Jaeger et al. ’06] Policy Enforcement

20 Interpreting Code Identity 20 BIOS Bootloader Virtual Machine Monitor Option ROMs Virtual Machine Virtual Machine Traditional [Marchesini et al. ‘04], [Jaeger et al. ’06] Policy Enforcement [England et al. ‘03], [Garfinkel et al. ‘03] Virtualization [Gasser et al. ‘89], [Sailer et al. ‘04]

21 Interpreting Code Identity 21 BIOS Bootloader Virtual Machine Monitor Option ROMs OS VMM Virtual Machine Virtual Machine Traditional [Marchesini et al. ‘04], [Jaeger et al. ’06] Policy Enforcement [England et al. ‘03], [Garfinkel et al. ‘03] Virtualization Late Launch [Kauer et al. ‘07], [Grawrock ‘08] [Gasser et al. ‘89], [Sailer et al. ‘04]

22 Interpreting Code Identity 22 Traditional [Marchesini et al. ‘04], [Jaeger et al. ’06] Policy Enforcement [England et al. ‘03], [Garfinkel et al. ‘03] Virtualization Late Launch [Kauer et al. ‘07], [Grawrock ‘08] Targeted Late Launch [McCune et al. ‘07] OS Flicker S S Attested [Gasser et al. ‘89], [Sailer et al. ‘04]

23 Interpreting Code Identity 23 BIOS Bootloader Drivers 1…N App 1…N OS Option ROMs Flicker S S

24 Load-Time vs. Run-Time Properties Code identity provides load-time guarantees What about run time? Approach #1: Static transformation 24 Code Compiler Run-Time Policy Code’ Attested [Erlingsson et al. ‘06]

25 Load-Time vs Run-Time Properties Code identity provides load-time guarantees What about run time? Approach #1: Static transformation Approach #2: Run-Time Enforcement layer 25 Code Enforcer Attested Run Time Load Time [Erlingsson et al. ‘06] [Haldar et al. ‘04], [Kil et al. ‘09] Open Question: How can we get complete run-time properties?

26 Roots of Trust 26 0042 General purpose Tamper responding General purpose No physical defenses Special purpose Timing-based attestation Require detailed HW knowledge [Chun et al. ‘07] [Levin et al. ‘09] [Spinellis et al. ‘00] [Seshadri et al. ‘05] … [ARM TrustZone ‘04] [TCG ‘04] [Zhuang et al. ‘04] … [Weingart ‘87] [White et al. ‘91] [Yee ‘94] [Smith et al. ‘99] … Cheaper Open Question: What functionality do we need in hardware?

27 Human Factors 27 SW 1 SW 1 SW 2 SW 2 SW N-1 SW N-1 SW N SW N Open Questions: How should be communicated to Alice? What does Alice do with a failed attestation? How can Alice trust her device? SW 1 SW 1 SW 2 SW 2 SW N-1 SW N-1 SW N SW N Open Question: What does Alice do with a failed attestation? Open Question: How can Alice trust her device?

28 Conclusions Code identity is critical to bootstrapping trust Assorted hardware roots of trust available Many open questions remain! 28

Download ppt "Bootstrapping Trust in Commodity Computers Bryan Parno, Jonathan McCune, Adrian Perrig 1 Carnegie Mellon University."

Similar presentations

Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab

Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab
Copyright© 2006 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Trusted Computing David Grawrock TPM.

Copyright© 2006 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Trusted Computing David Grawrock TPM.
Logical Attestation: An Authorization Architecture for Trustworthy Computing Emin Gün Sirer Willem de Bruijn †, Patrick Reynolds *, Alan Shieh ‡, Kevin.

Logical Attestation: An Authorization Architecture for Trustworthy Computing Emin Gün Sirer Willem de Bruijn †, Patrick Reynolds *, Alan Shieh ‡, Kevin.
Vpn-info.com.

Vpn-info.com.
1 Privacy Enhancing Technologies Elaine Shi Lecture 5 Trusted Computing.

1 Privacy Enhancing Technologies Elaine Shi Lecture 5 Trusted Computing.
Ragib Hasan Johns Hopkins University en.600.412 Spring 2011 Lecture 3 02/14/2010 Security and Privacy in Cloud Computing.

Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 3 02/14/2010 Security and Privacy in Cloud Computing.
The Operating System. What is an Operating System? The software which makes it possible for you to use your computer The software which starts up when.

The Operating System. What is an Operating System? The software which makes it possible for you to use your computer The software which starts up when.
EXTENSIBILITY, SAFETY AND PERFORMANCE IN THE SPIN OPERATING SYSTEM B. Bershad, S. Savage, P. Pardyak, E. G. Sirer, D. Becker, M. Fiuczynski, C. Chambers,

EXTENSIBILITY, SAFETY AND PERFORMANCE IN THE SPIN OPERATING SYSTEM B. Bershad, S. Savage, P. Pardyak, E. G. Sirer, D. Becker, M. Fiuczynski, C. Chambers,
 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.

 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.
1 Minimal TCB Code Execution Jonathan McCune, Bryan Parno, Adrian Perrig, Michael Reiter, and Arvind Seshadri Carnegie Mellon University May 22, 2007.

1 Minimal TCB Code Execution Jonathan McCune, Bryan Parno, Adrian Perrig, Michael Reiter, and Arvind Seshadri Carnegie Mellon University May 22, 2007.
1 Bootstrapping Trust in a “Trusted” Platform Carnegie Mellon University November 11, 2008 Bryan Parno.

1 Bootstrapping Trust in a “Trusted” Platform Carnegie Mellon University November 11, 2008 Bryan Parno.
 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.

 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.
Ragib Hasan Johns Hopkins University en.600.412 Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.

Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.
1 How Low Can You Go? Recommendations for Hardware- Supported Minimal TCB Code Execution Bryan Parno Arvind Seshadri Adrian Perrig Carnegie Mellon University.

1 How Low Can You Go? Recommendations for Hardware- Supported Minimal TCB Code Execution Bryan Parno Arvind Seshadri Adrian Perrig Carnegie Mellon University.
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Three.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Three.
1 Flicker: An Execution Infrastructure for TCB Minimization April 4, 2008 Jonathan McCune 1, Bryan Parno 1, Adrian Perrig 1, Michael Reiter 2, and Hiroshi.

1 Flicker: An Execution Infrastructure for TCB Minimization April 4, 2008 Jonathan McCune 1, Bryan Parno 1, Adrian Perrig 1, Michael Reiter 2, and Hiroshi.
TrustVisor: Efficient TCB Reduction and Attestation Jonathan M

TrustVisor: Efficient TCB Reduction and Attestation Jonathan M
Securing Information Transfer in Distributed Computing Environments AbdulRahman A. Namankani.

Securing Information Transfer in Distributed Computing Environments AbdulRahman A. Namankani.
Copyright Arshi Khan1 System Programming Instructor Arshi Khan.

Copyright Arshi Khan1 System Programming Instructor Arshi Khan.
Types of software. Sonam Dema..

Types of software. Sonam Dema..

Similar presentations

Ads by Google