Trusted Computing Or How I Learned to Stop Worrying and Love the MPAA Trusted Computing Overview of TCP How it works Intel LaGrande Microsoft NGSCB (Palladium) Uses Issues Trusted Computing Group TCG formed by industry leaders Open standards for trustworthy computing Provides hardware and software security to combat several type of threat Moving towards PDAs, omnipresence Features of Trusted Computers For business Licensing DRM For Users Anti-hacker Anti-virus Backwards compatible Can be turned off LaGrande Intel’s hardware implementation Based on Arbaugh’s secure bootstrap Runs parallel to normal architecture Uses hash values for modification detection Operates in several different parts of chipset LaGrande – Secure Bootstrap Higher abstraction layers only as secure as lower Trusted CPU, chipset, and boot ROM Each layer verifies hash of next layer before execution LaGrande – Protected Environment Built on top of secure bootstrap architecture Instruction set extensions to create protected processor partition Extensions to create protected software stack Trusted platform module (TPM) verifies conditions Changes to I/O controller, memory controller, graphics controller, and CPU LaGrande Separate execution space Separate memory space Secure mouse/keyboard Secure graphics NGSCB Software side of TC Domain Manager aka Nexus Sealed Storage Remote Attestation NGSCB – Nexus Security kernel, authenticated on boot Authenticates trusted programs Application interface to TPM Does not trust OS NGSCB – Sealed Storage Encrypts data on storage device Key is not stored on storage device Hash of creating program stored with file TPM only decrypts for program that passes modification detection Decrypted only with same TPM / same program NGSCB - Remote Attestation Communicate hashes of secure programs for remote verification of modification detection Ensures that client software functions as intended Kazaa vs. MPAA/RIAA Uses Remote banking, business-to-business e-commerce, and online auctioning Corporate networking, document sharing Cheat-proof gaming enforcement Secure data storage Personal privacy protection, data management, and record keeping Shared computing and secure transactions Secure home computing Government agencies that require a high level of security and trust Software license enforcement Copyright enforcement Issues GPL Who is in control – owners, MS, or content providers? Assumptions – hardware modifications possible Censorship References Trusted Computing: Promise and Risk http://www.eff.org/Infra/trusted_computing/20031001_tc.php http://www.microsoft.com/resources/ngscb Ross Anderson’s site http://www.cl.cam.ac.uk/~rja14/ Anderson’s Patent Arbaugh Paper Inside Intel's Secretive 'LaGrande' Project http://www.extremetech.com/print_article/0,3998,a=107418,00.asp http://www.intel.com/technology/security/ http://www.microsoft.com/whdc/winhec/pres03.mspx