Randy FortCS 265Trusted Platform Modules April 19th, 2005
What is Trusted Computing? In 1999, many industry heavyweights came together to form an industry group. Mission Statement “to create a standard set of system hardware based functions needed to establish trust on the platform.” 
What is a TPM? • A chip integrated into the platform • The (alleged) purpose is to provide more security • It is a separate trusted co-processor “The TPM represents a separate trusted coprocessor, whose state cannot be compromised by potentially malicious host system software.” IBM Research Report 
Why? “The theory is that software based key generation or storage will always be vulnerable to software attack, so private keys should be created, stored, and used by dedicated hardware” Andy Dornan, Trusted Computing: A Matter of Trust
The Trusted Computing Group The Trusted Computing Group is a non-profit industry consortium, which develops hardware and software standards. It is funded by many member companies, including IBM, Intel, AMD, Microsoft, Sony, Sun, and HP among others. www.trustedcomputinggroup.org
Attestation The TPM's most controversial feature is attestation, the ability to measure the state of a computer and send a signed message certifying that particular hardware or software is or isn't present. Most TC opponents fear that this will be abused by vendors .
How? • PKI private keys could be stored in the chip. • PK signatures calculated in the chip itself, never visible outside • Random number generators • SHA-1 encryption • Monotonic counters • Process isolation (encrypted I/O, prevents keystroke loggers, screen scrapers.
How? • Protection from malware and detection of compromised systems.  Shows that syslogd has been compromised by a root kit. • Tick counter, Timestamps are a security critical parameter in KERBEROS. • Provide stronger 2 factor authentication.
What’s new? • Conceptually, not much. Most, if not all of the security ideas already exist • What TPMs bring to the table is a secure sealed storage chip for private keys, on-chip crypto, and random number generators among others • The state of the TPM can not be compromised by malicious host software
Cons • Advanced features will require O/S support. • Microsoft's NGSCB (Longhorn Due 2006 ???) • Will require rewrites to interface with the NEXUS. • Potential for abuse by Software vendors. • Is trusted computing just DRM on steroids? • Is TC a security tool or cash flow weapon? • Co-processor or Cop-processor?
Pro vs. Con • Great for Corporations and Government • Prevents unauthorized software • Helps prevent malware • User privacy not a concern • DRM lock-in less of a concern for companies or government
Pro vs. Con • “Trusted Computing requires you to surrender control of your machine to the vendors of your hardware and software, thereby making the computer less trustworthy from the user’s perspective”  Ross Anderson
Windows Media Player 9 EULA "Digital Rights Management (Security). You agree that in order to protect the integrity of content and software protected by digital rights management ('Secure Content'), Microsoft may provide security related updates to the OS Components that will be automatically downloaded onto your computer. These security related updates may disable your ability to copy and/or play Secure Content and use other software on your computer. If we provide such a security update, we will use reasonable efforts to post notices on a web site explaining the update."
“For years Bill Gates has dreamed of finding a way to make the Chinese pay for software, TC looks like being the answer to his prayer.”  Ross Anderson.
Conclusion • Increased security • PKI • Malware protection • Attestation • A very abuseable capability for software vendors
Bibliography •  Andy Doman, Trusted Computing: A matter of Trust, http://www.networkmagazine.com/shared/article/showArticle.jhtml?articleId=22102889 •  DigitalIDWorld, "Assuring Networked Data and Application Reliability", Digital ID World Jan/Feb 2004 https://www.trustedcomputinggroup.org/press/1-3412425E_SC.pdf •  Reiner Sailer, et al, , "The Role of TPM in Enterprise Security", https://www.trustedcomputinggroup.org/press/news_articles/rc23363.pdf •  Ross Anderson, http://www.againsttcpa.com/index.shtml