usc csci599 trusted computing lecture notes spring 2007
DESCRIPTION
USC CSci599 Trusted Computing Lecture notes Spring 2007. Dr. Clifford Neuman University of Southern California Information Sciences Institute. Administration. Class home page http://ccss.usc.edu/599tc Preliminary Syllabus Assigned Readings Lecture notes Assignments - PowerPoint PPT PresentationTRANSCRIPT
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
USC CSci599Trusted ComputingLecture notesSpring 2007
Dr. Clifford Neuman
University of Southern California
Information Sciences Institute
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
Administration
• Class home pagehttp://ccss.usc.edu/599tc– Preliminary Syllabus– Assigned Readings– Lecture notes– Assignments
• See me for D Clearance
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
Administration
• Class e-mail: [email protected]
• Instructor
– Dr. Clifford Neuman
– Office hours Friday 10:45-11:45 SAL 212
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
USC CSci599Trusted ComputingLecture Two – Trusted HardwareJanuary 19, 2007 - PRELIMINARY
Dr. Clifford Neuman
University of Southern California
Information Sciences Institute
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
NOTE
• These are place holders for the topics we will discuss today.
• There will be more slides by lecture.
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
The Hardware Basis
• Trusted computing is proof by induction
– Each attestation stage says something about the next level
– Just like PKI Certification hierarchy
• One needs a basis step
– On which one relies
– Hardware is that step
▪ (well, second step anyway)
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
Hardware Topics
• Trusted Platform Module
• Discussion of Secure Storage
• Boot process
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
Trusted Platform Module
• Basically a Key Storage and Generation Device
• Capabilities:
–Generation of new keys
–Storage and management of keys
▪ Uses keys without releasing
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
Endorsement Key
• Every TPM has unique Endorsement key
–Semi-root of trust for system
–Generated and installed during manufacture
▪ Issues
–Real root is CA that signs public key associated with Endorsement key
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
Identity Key
• Key associated with certificate from a CA attesting to identity of the TPM and version / security attributes.
(I’m not sure of the relationship with the EK)
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
Storage Root Key
• Root of Key Hierarchy for managing keys related to TPM (except EK)
–Root key never leaves TPM
–Can be changed to reinitialize ownership.
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
Storage Keys
• Can protect data
• Can protect other keys
• Some storage keys may be migrated.
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
Binding Key
• Private key to decrypt data perhaps encrypted by others using a public key
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
Using Encryption
• LoadKey
–Generated or imported
• Sign
–Signs Data Presented to TPM
• Unbind
–Decrypt data from elsewhere in a public key
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
Using Encryption
• Seal/Unseal– Encrypt and subsequent decrypt– This TPM Only– PCRs must be correct
• Platform Configuration Register (PCR)– 20 by storage inside TPM is digest of
accumulated data.– Contains information about the programs and
other state of the processor.
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
Using Encryption
• Extend
–Add data to a PCR
– 20 byte hash hashed into current PCR
–As each module loaded its hash extends the PCR
• Quote
–Sign current value of PCR
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
Using Encryption
• CreateWrapKey–Creates and encrypts for transfer a new
RSA key• MakeIdentity–Creates an Attestation Identity key for a
user• TakeOwnership–Reinitialize TPM, and erases old keys
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
Using Encryption
• Other Functions
–OIAP/OSAP
–GetCapability
–GetRandom
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
How to Use it For Atestation
• As modules loaded, their hashes extend the PCR.
• When attestation needed, remote entity can ask the TPM to sign PCR.
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
Peripheral Authenication
• TPM’s can be embedded in peripherals too, so a system knows it is dealing with an authentic biometric scanner or other kinds of devices.
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
Exercise - Secure Storage
• Full Disk Encryption– Key in register in disk– Or key in TPM and data
encrypted/decrypted by TPM• Seagate Drive uses register in Disk– Key must be loaded– User prompt at BIOS– Or managed by TPM▪ But OS image maybe on disk, how to get
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
The Boot Process
–Work and example using the functions described already.