可信平台模块实用指南practical guide to TPM 2.0(trusted platform module)
合集下载
相关主题
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
Why TPM 2.0?
Reasons for Upgrade; Use Cases for the Latest Release of the TPM Specification
06/17/15
Dave Challener
Level Setting: What is a TPM?
A Security Co-Processor
chain risks / Counterfeit hardware
Keeping bad guys off of your internal network Keeping malware infected hardware off of your internal network Massive password database releases Multi-factor authentication Email Security FIPS certified / Common criteria certified encryption engines Securing your root certificates Merging physical and logical controls
Purely Passive
It does NOT monitor your system
today
Release of TSS SAPI for 2.0 with Code Release of TSS FAPI for 2.0 for Public review
2013
2014
Release of TPM 2.0 Specification; First devices with internal TPM 2.0
Why Use a TPM 2.0?
Problems that can be solved/ameliorated with TPMs Poor entropy leading to weak keys
Supply chain risks / Counterfeit hardware Keeping bad guys off of your internal network Keeping malware infected hardware off of your internal network Massive password database releases Multi-factor authentication FIPS certified / Common criteria certified encryption engines Securing your root certificates Merging physical and logical controls
Ease of use
TPM 1.2 was hard to use Complexity of authorization
New Functionality
Algorithm flexibility Unified Authorization Fast Key loading
Fred Brooks: “The management question, therefore, is not whether to build a pilot system and throw it away. You will do that. […] Hence plan to throw one away; you will, anyhow.”
– The algorithm was embedded in all structures – There wasn’t room enough to simply change to SHA256
Complexity
TPM 1.2 had grown “organically” after 1.1b It was unnecessarily complicated
2009
2010
2011
2012
Release of TPM 1.20 as ISO Specification
Level Setting: What is a TPM?
2006 2007 2008
Release of TSS 1.20
2003
2004
2005
Release of TPM 1.20 Specification
Why Use a TPM 2.0?
Problems that can be solved/ameliorated with TPMs
Poor entropy leading to weak keys Supply chain risks / Counterfeit hardware Keeping bad guys off of your internal network Keeping malware infected hardware off of your internal network Massive password database releases Multi-factor authentication Email Security FIPS certified / Common criteria certified encryption engines Securing your root certificates Merging physical and logical controls
Over 1 Billion served
Why do I care?
How can I make use of TPMs to solve my current problems?
Why the Change from 1.2?
Security
TPM 1.2 was built around SHA-1
2002
Release of TSS 1.10
2001 1999 2000
First Spec Release, First Machines with TPMs shipped
Begin working on Embedded Security Chip for PC
Two Questions
Why was the Specification upgraded from 1.2?
bad guys off of your internal network
Keeping malware infected hardware off of your internal network Massive password database releases Multi-factor authentication Email Security FIPS certified / Common criteria certified encryption engines Securing your root certificates
Most
common factor appears 46 times!
Debian weak keys
Hardware Random Number Generator
Better seeding for the OS RNG
Also available in 1.2 Good for servers when first booted
Poor Entropy Sources Lead to Weak Keys
From http://web.stanford.edu/class/ee380/Abstracts/150513-slides.pdf “How Not to Generate Random Numbers”
Vast majority of weak keys generated by network devices
Good for embedded devices
Why Use a TPM 2.0?
Problems that can be solved/ameliorated with TPMs
Poor entropy leading to weak keys
Supply
Problems that can be solved/ameliorated with TPMs
Poor entropy leading to weak keys Supply chain risks / Counterfeit hardware Keeping bad guys off of your internal network
Public Private Key Operations
– Key Creation
– Key signing
– Key exchange
Non-Volatile Storage
– Access protected
Symmetric encryption
– HMAC operations – Limited symmetric encryption
Merging physical and logical controls
VPN password compromise
Hacked Via RDP: Really Dumb Passwords
Use Public/private key for authentication!
TPM can generate keys, which don’t leave the machine
Network
security devices / Routers Server management cards Industrial-grade firewalls > 50 manufacturers
Taiwanese smartcards produce weak keys
Supply Chain Risk Management
http://www.forbes.com/pictures/fi45eddmgk/this-is-not-a-real-apple-store/
Endorsement Key+Certificate
TPM 2.0 comes with a Certificate, which matches a key that can be regenerated inside the TPM!
Certificate signed by manufacturer
Proof it is a genuine TPM
IDevID can also be provided by an equipment manufacturerபைடு நூலகம்
With OEM certificate Can prove chip was on motherboard when it left the OEM facility Can be used for warrantee Can be used for creation of LDevIDs
LDevID : IEEE8021-DEVID-MIB - LMSC, LAN/MAN Standards Make the Company Owned asset the “Thing you have”
Two factor authentication
Why Use a TPM 2.0?
Why Use a TPM 2.0?
Problems that can be solved/ameliorated with TPMs
Poor entropy leading to weak keys Supply chain risks / Counterfeit hardware
Keeping
Reasons for Upgrade; Use Cases for the Latest Release of the TPM Specification
06/17/15
Dave Challener
Level Setting: What is a TPM?
A Security Co-Processor
chain risks / Counterfeit hardware
Keeping bad guys off of your internal network Keeping malware infected hardware off of your internal network Massive password database releases Multi-factor authentication Email Security FIPS certified / Common criteria certified encryption engines Securing your root certificates Merging physical and logical controls
Purely Passive
It does NOT monitor your system
today
Release of TSS SAPI for 2.0 with Code Release of TSS FAPI for 2.0 for Public review
2013
2014
Release of TPM 2.0 Specification; First devices with internal TPM 2.0
Why Use a TPM 2.0?
Problems that can be solved/ameliorated with TPMs Poor entropy leading to weak keys
Supply chain risks / Counterfeit hardware Keeping bad guys off of your internal network Keeping malware infected hardware off of your internal network Massive password database releases Multi-factor authentication FIPS certified / Common criteria certified encryption engines Securing your root certificates Merging physical and logical controls
Ease of use
TPM 1.2 was hard to use Complexity of authorization
New Functionality
Algorithm flexibility Unified Authorization Fast Key loading
Fred Brooks: “The management question, therefore, is not whether to build a pilot system and throw it away. You will do that. […] Hence plan to throw one away; you will, anyhow.”
– The algorithm was embedded in all structures – There wasn’t room enough to simply change to SHA256
Complexity
TPM 1.2 had grown “organically” after 1.1b It was unnecessarily complicated
2009
2010
2011
2012
Release of TPM 1.20 as ISO Specification
Level Setting: What is a TPM?
2006 2007 2008
Release of TSS 1.20
2003
2004
2005
Release of TPM 1.20 Specification
Why Use a TPM 2.0?
Problems that can be solved/ameliorated with TPMs
Poor entropy leading to weak keys Supply chain risks / Counterfeit hardware Keeping bad guys off of your internal network Keeping malware infected hardware off of your internal network Massive password database releases Multi-factor authentication Email Security FIPS certified / Common criteria certified encryption engines Securing your root certificates Merging physical and logical controls
Over 1 Billion served
Why do I care?
How can I make use of TPMs to solve my current problems?
Why the Change from 1.2?
Security
TPM 1.2 was built around SHA-1
2002
Release of TSS 1.10
2001 1999 2000
First Spec Release, First Machines with TPMs shipped
Begin working on Embedded Security Chip for PC
Two Questions
Why was the Specification upgraded from 1.2?
bad guys off of your internal network
Keeping malware infected hardware off of your internal network Massive password database releases Multi-factor authentication Email Security FIPS certified / Common criteria certified encryption engines Securing your root certificates
Most
common factor appears 46 times!
Debian weak keys
Hardware Random Number Generator
Better seeding for the OS RNG
Also available in 1.2 Good for servers when first booted
Poor Entropy Sources Lead to Weak Keys
From http://web.stanford.edu/class/ee380/Abstracts/150513-slides.pdf “How Not to Generate Random Numbers”
Vast majority of weak keys generated by network devices
Good for embedded devices
Why Use a TPM 2.0?
Problems that can be solved/ameliorated with TPMs
Poor entropy leading to weak keys
Supply
Problems that can be solved/ameliorated with TPMs
Poor entropy leading to weak keys Supply chain risks / Counterfeit hardware Keeping bad guys off of your internal network
Public Private Key Operations
– Key Creation
– Key signing
– Key exchange
Non-Volatile Storage
– Access protected
Symmetric encryption
– HMAC operations – Limited symmetric encryption
Merging physical and logical controls
VPN password compromise
Hacked Via RDP: Really Dumb Passwords
Use Public/private key for authentication!
TPM can generate keys, which don’t leave the machine
Network
security devices / Routers Server management cards Industrial-grade firewalls > 50 manufacturers
Taiwanese smartcards produce weak keys
Supply Chain Risk Management
http://www.forbes.com/pictures/fi45eddmgk/this-is-not-a-real-apple-store/
Endorsement Key+Certificate
TPM 2.0 comes with a Certificate, which matches a key that can be regenerated inside the TPM!
Certificate signed by manufacturer
Proof it is a genuine TPM
IDevID can also be provided by an equipment manufacturerபைடு நூலகம்
With OEM certificate Can prove chip was on motherboard when it left the OEM facility Can be used for warrantee Can be used for creation of LDevIDs
LDevID : IEEE8021-DEVID-MIB - LMSC, LAN/MAN Standards Make the Company Owned asset the “Thing you have”
Two factor authentication
Why Use a TPM 2.0?
Why Use a TPM 2.0?
Problems that can be solved/ameliorated with TPMs
Poor entropy leading to weak keys Supply chain risks / Counterfeit hardware
Keeping