Friday, 15 June 2018

Trusted Platform Module (TPM, also known as ISO/IEC 11889) is an international standard for secure cryptoprocessors: dedicated microcontrollers designed to secure hardware through integrated cryptographic keys.

History

The Trusted Platform Module (TPM) was conceived by a computer industry consortium called the Trusted Computing Group (TCG), and was standardized by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) in 2009 as ISO/IEC 11889.

TCG continues to revise the TPM specifications. The last revised edition of TPM Version 1.2 was published on March 3, 2011. It consists of three parts, organized by purpose. For the second major version of TPM, TCG released the TPM Library Specification 2.0, built on the previously published TPM Main Specification. Its newest edition was released on September 29, 2016, with several errata, the latest dated January 8, 2018.

Overview

Trusted Platform Module provides:

  • A random number generator
  • Facilities for the secure generation of cryptographic keys for limited uses
  • Remote attestation: creates a nearly unforgeable hash-key summary of the hardware and software configuration. The software in charge of hashing the configuration data determines the extent of the summary. This allows a third party to verify that the software has not been changed.
  • Binding: encrypts data using the TPM bind key, a unique RSA key descended from a storage key.
  • Sealing: similar to binding, but in addition specifies the TPM state required for the data to be decrypted (unsealed).

Computer programs can use a TPM to authenticate hardware devices, since each TPM chip has a unique and secret RSA key burned in as it is produced. Pushing security down to the hardware level provides more protection than a software-only solution.

Usage

The United States Department of Defense (DoD) specifies that "new computer assets (e.g., server, desktop, laptop, thin client, tablet, smartphone, personal digital assistant, mobile phone) procured to support DoD will include a TPM version 1.2 or higher where required by DISA STIGs and where such technology is available." DoD anticipates that the TPM will be used for device identification, authentication, encryption, and device integrity verification.

Platform integrity

The primary scope of TPM is to assure the integrity of a platform. In this context, "integrity" means "behave as intended," and a "platform" is any computer device regardless of its operating system. This ensures that the boot process starts from a trusted combination of hardware and software, and continues until the operating system has fully booted and applications are running.

The responsibility of assuring said integrity using TPM lies with the firmware and the operating system. For example, the Unified Extensible Firmware Interface (UEFI) can use TPM to form a root of trust: the TPM contains several Platform Configuration Registers (PCRs) that allow secure storage and reporting of security-relevant metrics. These metrics can be used to detect changes to previous configurations and decide how to proceed. Good examples can be found in Linux Unified Key Setup (LUKS), BitLocker and PrivateCore vCage memory encryption. (See below.)
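As an added illustration of how PCR extension and sealing (described in this section and in the Overview list above) fit together, the following Python simulates a SHA-256 PCR being extended by each boot stage and a secret that unseals only when the PCR matches the value it was sealed to. This is example code written for this page, not code from any TPM vendor or library; the storage key, boot-stage contents and toy wrapping scheme are constructed placeholders.

```python
import hashlib
import hmac

# Constructed simulation of a SHA-256 PCR and PCR-bound sealing; not vendor code.

PCR_INIT = bytes(32)  # a PCR reads as all zeros after platform reset

def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM extend: PCR_new = H(PCR_old || H(measurement)).
    A PCR can only be extended, never written directly, so its final value
    commits to the whole ordered chain of measurements fed into it."""
    digest = hashlib.sha256(measurement).digest()
    return hashlib.sha256(pcr + digest).digest()

def measure_boot_chain(stages) -> bytes:
    """Firmware measures each boot stage (bootloader, kernel, ...) in order."""
    pcr = PCR_INIT
    for blob in stages:
        pcr = pcr_extend(pcr, blob)
    return pcr

def _wrap_key(storage_key: bytes, policy_pcr: bytes) -> bytes:
    # Toy key derivation; a real TPM wraps sealed data under its storage
    # hierarchy with authenticated encryption, and the key never leaves the chip.
    return hmac.new(storage_key, policy_pcr, hashlib.sha256).digest()

def seal(secret: bytes, expected_pcr: bytes, storage_key: bytes) -> dict:
    """Seal: bind the secret to the PCR value the platform must show at unseal time."""
    assert len(secret) <= 32, "toy wrap handles at most one 32-byte block"
    key = _wrap_key(storage_key, expected_pcr)
    blob = bytes(a ^ b for a, b in zip(secret, key))  # toy XOR wrap, single use
    return {"blob": blob, "policy_pcr": expected_pcr}

def unseal(sealed: dict, current_pcr: bytes, storage_key: bytes):
    """Unseal: release the secret only if the live PCR matches the sealed policy."""
    if not hmac.compare_digest(sealed["policy_pcr"], current_pcr):
        return None  # platform configuration changed: refuse to release
    key = _wrap_key(storage_key, current_pcr)
    return bytes(a ^ b for a, b in zip(sealed["blob"], key))

def demo():
    """Seal a disk key to a trusted boot chain, then try a tampered chain."""
    srk = b"constructed storage root key"   # placeholder; never leaves a real TPM
    good = [b"UEFI firmware v1", b"bootloader v1", b"kernel v1"]
    tampered = [b"UEFI firmware v1", b"bootloader v1 (modified)", b"kernel v1"]
    sealed = seal(b"disk-encryption-key", measure_boot_chain(good), srk)
    released = unseal(sealed, measure_boot_chain(good), srk)
    blocked = unseal(sealed, measure_boot_chain(tampered), srk)
    return released, blocked
```

Because the PCR value depends on the order of every measurement, a modified bootloader changes the final digest and the seal refuses to release the key; `demo()` returns the key for the trusted chain and `None` for the tampered one.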

An example of TPM use for platform integrity is Trusted Execution Technology (TXT), which creates a chain of trust. It can remotely attest that a computer is using the specified hardware and software.

Disk encryption

Full disk encryption utilities, such as dm-crypt and BitLocker, can use this technology to protect the keys used to encrypt the computer's storage devices and to provide integrity authentication for a trusted boot pathway that includes the firmware and boot sector.

Password protection

Operating systems often require authentication (involving a password or other means) to protect keys, data or systems. If the authentication mechanism is implemented in software only, access is prone to dictionary attacks. Since the TPM is implemented in a dedicated hardware module, a dictionary attack prevention mechanism is built in, which effectively protects against guessing or automated dictionary attacks while still allowing the user a sufficient and reasonable number of attempts. Without this level of protection, only passwords of high complexity would provide sufficient protection.

Use and other concerns

Any application can use a TPM chip for:

  • Digital rights management
  • Software license protection and enforcement
  • Online fraud prevention

There are other uses, some of which give rise to privacy concerns. The "physical presence" feature of TPM addresses some of these concerns by requiring BIOS-level confirmation for operations such as activating, deactivating, clearing or changing ownership of the TPM by someone who is physically present at the console of the machine.

Implementation of TPM

Starting in 2006, many new laptops have been sold with a built-in TPM chip. In the future, this concept could be co-located on an existing motherboard chip in computers, or on any other device where the TPM facilities could be employed, such as a mobile phone. On a PC, either the LPC bus or the SPI bus is used to connect to the TPM chip.

TCG has certified TPM chips manufactured by Infineon Technologies, Nuvoton, and STMicroelectronics, and has assigned TPM vendor IDs to Advanced Micro Devices, Atmel, Broadcom, IBM, Infineon, Intel, Lenovo, National Semiconductor, Nationz Technologies, Nuvoton, Qualcomm, Rockchip, Standard Microsystems Corporation, STMicroelectronics, Samsung, Sinosun, Texas Instruments, and Winbond.

There are five different types of TPM 2.0 implementations:

  • Discrete TPMs are dedicated chips that implement TPM functionality in their own tamper-resistant semiconductor package. They are theoretically the most secure type of TPM because routines implemented in hardware should be more resistant to bugs than routines implemented in software, and their packages are required to implement some tamper resistance.
  • Integrated TPMs are part of another chip. While they use hardware that resists software bugs, they are not required to implement tamper resistance. Intel has integrated TPMs in some of its chipsets.
  • Firmware TPMs are software-only solutions that run in a CPU's trusted execution environment. Since these TPMs are entirely software running in a trusted execution environment, they are more likely to be vulnerable to software bugs. AMD, Intel, and Qualcomm have implemented firmware TPMs.
  • Software TPMs are software emulators of TPMs that run with no more protection than a regular program gets within an operating system. They depend entirely on the environment they run in, so they provide no more security than a normal execution environment can provide, and they are vulnerable to their own software bugs and to attacks that penetrate the normal execution environment. They are useful for development purposes.
  • Virtual TPMs are provided by a hypervisor. They therefore rely on the hypervisor to give them an isolated execution environment hidden from the software running inside the virtual machine, so as to secure their code from that software. They can provide a security level comparable to a firmware TPM.

TPM 1.2 vs TPM 2.0

Although TPM 2.0 addresses many of the same use cases and has similar features, the details differ. TPM 2.0 is not compatible with TPM 1.2.

TPM 2.0 policy authorization includes the 1.2 HMAC, locality, physical presence, and PCR. It adds authorization based on an asymmetric digital signature, indirection to another authorization secret, counters and time limits, NVRAM values, a particular command or command parameters, and physical presence. It permits the ANDing and ORing of these authorization primitives to construct complex authorization policies.

Criticism

TCG has faced resistance to the deployment of this technology in some areas, where some authors see possible uses not specifically related to Trusted Computing that may raise privacy concerns. The concerns include the abuse of remote validation of software (where the manufacturer, and not the user who owns the computer system, decides what software is allowed to run) and possible ways to follow actions taken by the user, recorded in a database in a manner that is completely undetectable to the user.

The TrueCrypt disk encryption utility, as well as its derivative VeraCrypt, does not support TPM. The original TrueCrypt developers were of the opinion that the exclusive purpose of the TPM is "to protect against attacks that require the attacker to have administrator privileges, or physical access to the computer". Thus, they argue that an attacker who has physical or administrative access to a computer can circumvent the TPM, for example by installing a hardware keystroke logger to retrieve passwords (or other sensitive information), by resetting the TPM, or by capturing memory contents and retrieving TPM-issued keys. The text goes so far as to claim that the TPM is entirely redundant. The VeraCrypt publisher has reproduced the original allegation with no changes other than replacing "TrueCrypt" with "VeraCrypt". The problem with this claim is that it is equally true in the absence of a TPM; the TPM at least thwarts some physical tampering. In principle, once unlimited physical access or administrative rights have been obtained, it is only a matter of time before other security measures are bypassed.

The private endorsement key is fundamental to the security of the TPM circuit, and is never made available to end users. This private key must be known to the hardware chip manufacturer at manufacture time, otherwise they would not be able to burn the key into the circuit. There is no guarantee that this private key is not kept by the manufacturer or shared with government agencies. Anyone with access to the private endorsement key would be able to forge the chip's identity and break some of the security the chip provides. As such, the security of the TPM relies entirely on the manufacturer and the authorities in the country where the hardware is produced.

Attacks

In 2010, Christopher Tarnovsky presented an attack against TPMs at Black Hat, where he claimed to be able to extract secrets from a single TPM. He was able to do this after 6 months of work by inserting a probe and spying on the internal bus of the Infineon SLE 66 CL PC.

In 2015, as part of the Snowden revelations, it was revealed that in 2010 a US CIA team claimed at an internal conference to have carried out a differential power analysis attack against TPMs that was able to extract secrets.

In October 2017, it was reported that a code library developed by Infineon, which had been in widespread use in its TPMs, allowed RSA private keys to be inferred from public keys. As a result, all systems depending on the privacy of such keys were vulnerable to compromise, such as identity theft or spoofing.

Cryptosystems that store encryption keys directly in the TPM without blinding could be at particular risk from these types of attacks, as passwords and other factors would be meaningless if the attacks can extract the encryption secrets.

Availability

Currently TPM is used by nearly all PC and notebook manufacturers, primarily offered on professional product lines.

TPM is implemented by several vendors:

  • Advantech provides TPM on many of its products, especially Gaming boards and Energy Automation Computers.
  • In 2006, with the introduction of the first Macintosh models with Intel processors, Apple started to ship Macs with TPM. Apple has never provided an official driver, but there was a port under GPL available. Apple has not shipped a computer with TPM since 2006.
  • Atmel manufactures TPM devices that it claims comply with the Trusted Platform Module specification version 1.2 revision 116, offered with several interfaces (LPC, SPI, and I2C), modes (FIPS 140-2 certified and standard mode), temperature grades (commercial and industrial), and packages (TSSOP and QFN). Atmel's TPMs support PCs and embedded devices. Atmel also provides TPM development kits to support integration of its TPM devices into various embedded designs.
  • Google includes TPMs in Chromebooks as part of their security model.
  • Infineon provides both TPM chips and TPM software, which are delivered as OEM versions with new computers, as well as separately by Infineon for products with TPM technology that comply with TCG standards. For example, Infineon licensed TPM management software to Broadcom Corp. in 2004.
  • The Microsoft Windows Vista operating system and later use the chip in conjunction with the included disk encryption component named BitLocker. Microsoft had announced that from January 1, 2015 all computers would have to be equipped with a TPM 2.0 module in order to pass Windows 8.1 hardware certification. However, in a December 2014 review of the Windows Certification Program this was instead made an optional requirement. TPM 2.0 is, however, required for connected standby systems. Virtual machines running on Hyper-V can have their own virtual TPM module starting with Windows 10 1511 and Windows Server 2016.
  • In 2011, Taiwanese manufacturer MSI launched its Windpad 110W tablet featuring an AMD CPU and Infineon Security Platform TPM, which ships with controlling software version 3.7. The chip is disabled by default but can be enabled with the included, pre-installed software.
  • Nuvoton provides TPM devices that implement Trusted Computing Group (TCG) specifications 1.2 and 2.0 for PC applications. Nuvoton also provides TPM devices that implement these specifications for embedded systems and IoT (Internet of Things) applications via I2C and SPI host interfaces. Nuvoton's TPM complies with Common Criteria (CC) with assurance level EAL 4 augmented, FIPS 140-2 level 1 and TCG compliance requirements, all supported within a single device.
  • Oracle ships TPMs in their recent X- and T-Series systems such as the T3 or T4 series of servers. Support is included in Solaris 11.
  • PrivateCore vCage uses a TPM chip together with Intel Trusted Execution Technology (TXT) to validate the system at boot time.
  • In the field of mobile device security, there are several alternatives to TPM; for example, the TrustKernel T6 secure operating system simulates TPM functionality on mobile devices using ARM TrustZone technology.
  • The VMware ESXi hypervisor has supported TPM since 4.x, and from 5.0 it is enabled by default.
  • The Xen hypervisor has support for virtualized TPMs. Each guest gets its own unique, emulated software TPM.
  • KVM, combined with QEMU, has support for virtualized TPMs. As of 2012, it supports passing through the physical TPM chip to a single dedicated guest. QEMU 2.11, released in December 2017, also provides emulated TPMs to guests.

There are also hybrid types; for example, a TPM can be integrated into an Ethernet controller, eliminating the need for a separate motherboard component.

See also

  • Hardware security
  • Hardware security module
  • Hengzhi chip
  • Next-Generation Secure Computing Base
  • Threat model
  • Trusted Computing
  • Unified Extensible Firmware Interface (UEFI)

Source of the article: Wikipedia