Upload File

property-based tpm virtualization

21
Marcel Winandy  -  Property-Based TPM Virtualization 1 ISC 2008, Taipei/Taiwan Property-Based TPM Virtualization Ahmad-Reza Sadeghi, Christian Stüble*, Marcel Winandy Horst Görtz Institute for IT Security Ruhr-University Bochum, Germany * Sirrix AG security technologies Bochum, Germany

Upload: marcel-winandy

Post on 22-Jan-2015

1.045 views

Category:

Documents


0 download

Report

Tags:

DESCRIPTION

Presentation of a paper at ISC 2008. Modification of a virtual TPM design to support more flexible key management and migration support for virtual machines.

TRANSCRIPT

  • 1. PropertyBasedTPMVirtualizationAhmadRezaSadeghi,ChristianStble*,MarcelWinandyHorstGrtzInstituteforITSecurity RuhrUniversityBochum,Germany*SirrixAGsecuritytechnologies Bochum,Germany ISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization 1

2. Introduction:VirtualizationFeaturesStandardizedoperatingsystemsonvarioushardwareplatformsVirtualmachines:suspend&resume,migrationSecurity:isolationofvirtualmachinesApplicationscenario:corporate/privatecomputing Isolatedworkloadsforprivateandcorporateworking IsolatedworkloadsfordifferentsecuritylevelsLinuxLinux WindowsLinux Windows Hypervisor Hypervisor Hardware HardwareISC2008,Taipei/Taiwan MarcelWinandyPropertyBasedTPMVirtualization 2 3. Introduction:TrustedComputing(TPM)TPM:cheap,tamperevidenthardwaresecuritymodule Cryptographicfunctions(RSA,SHA1,keygeneration,RNG) Protectedstorageforsmalldata(e.g.keys) Specialkeys:EndorsementKey(EK)andStorageRootKey(SRK)AuthenticatedBoot(recordingintegritymeasurements) MeasurementsstoredinPlatformConfigurationRegisters(PCRs) Eachcomponentmeasuresnextcomponent(chainoftrust)hash Appsstorehash hashOSTPM BootLoaderstorehash hashPCRsBIOSstorehash SRK hash storehash EK CRTM AttestationandSealing AttestationIdentityKey(AIK)signsPCRsfor(remote)attestation BindingkeyisusedtoencryptdatatothecurrentPCRvalues(decryptingonlypossiblewithsamePCRstates) ISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization 3 4. Introduction:VirtualTPM(vTPM)EachVMshouldbeabletouseTPMProvidingprotectedstorageandcryptocoprocessorAssuranceaboutthebootedhypervisorandvirtualmachinesSupportformigration PrivateWorking UnclassifiedCorporateClassifiedCorporateEnvironmentEnvironmentEnvironment VMVM VMHypervisor TPMHardwareISC2008,Taipei/Taiwan MarcelWinandyPropertyBasedTPMVirtualization 4 5. Introduction:VirtualTPM(vTPM)EachVMshouldbeabletouseTPMProvidingprotectedstorageandcryptocoprocessorAssuranceaboutthebootedhypervisorandvirtualmachinesSupportformigration VirtualizationoftheTPMEmulationinsoftware,butbindingtoVMandhardwareTPMPrivateWorking UnclassifiedCorporate ClassifiedCorporateEnvironmentEnvironment Environment VMVMVMTPMDriver TPMDriverTPMDrivervTPMvTPMvTPM Hypervisor TPM HardwareISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization5 6. ShortcomingsofExistingvTPMSolutions MigrationProtecteddataboundtobinaryrepresentationofhypervisor VM'sdatamaybeunavailableaftermigrationtoanotherplatform KeysDifferentiatedstrategiesforkeygenerationmissing someITenvironmentsdemandhardwareprotectedkeys wherasotherswouldbenefitfromflexibilityofsoftwarekeys PrivacyRevealinginformationaboutsystemconfiguration (v)TPMrevealsinformationduringremoteattestationofPCRvalues Profiling(securityrisk)anddiscriminationpossible ISC2008,Taipei/Taiwan MarcelWinandyPropertyBasedTPMVirtualization 6 7. NewvTPMDesignAddingnewcomponentstointernalvTPMdesign:PropertyManagementRepresentationofvirtualPCRsDifferentmechanismstostoreandreadvaluesRealizingpropertybasedattestationandsealingKeyManagementCreatingandloadingcryptographickeysSupportssoftwarekeysorkeysofphysicalTPMvTPMPolicyUserdefinedpolicyofthevTPMinstanceISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization 7 8. FlexiblevTPMArchitectureVM TPMDriverTPM_CreateWrapKey()TPM_Extend(i,m)TPM_PCRRead(i) vTPMInterface ManagementInterfaceCreateKey() Extend(i,m) PCRRead(i)crypto... migrate()Key PropertyCryptographicMigrationManagementManagement FunctionsControllerPropertyFilter SoftwareKeyPropertyProvider1HardwareKeyPropertyProvider2 vTPM... ... ...PropertyProviderNvTPMPolicy Hypervisor TPMKeyTPMNovelcomponentsforvTPMISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization8 9. PropertyProvidersEachpropertyproviderhasitsownPCRvectorHowtostorevaluesisuptoeachimplementationThisresultsinamatrixofvPCRsvTPMPolicydecideswhichvectortouseonwhichoperationvTPMInstance PropertyProvider1 PropertyProviderjPropertyProviderN vPCR[0] ... ... vPCR[1] ... ... Mapping ...... ... vPCR[n] ... ...Initialization TPM ApplyingallpropertyproviderstobuildthevPCRmatrixPCRs EachPropertyProvidercanimplementadifferentmapping ISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization9 10. ChangingtheMeasurementFunctionPCRextensionfunctionoftheTPM:Extend(i,m):PCRiSHA1(PCRi||m)GeneralizingthisforeachProviderj:Providerj.Extend(i,m):vPCRi,jtranslatej(vPCRi,j,m)Examples:translatehash()ishashinglikeinhardwareTPMtranslatecert()looksforacertificateandstoresthepublickey ISC2008,Taipei/Taiwan MarcelWinandyPropertyBasedTPMVirtualization 10 11. PCRExtension:ExampleVMOSmeasuresafileandwantstoextendthemeasurementinPCR10ofthevTPM TPM_Extend(10,f572d396fae9206628714fb2ce00f72e94f2258f) PropertyManagementofvTPMinstancecallseachPropertyProvidervPCR10,hashofProviderhashvPCR10,certofProvidercert09d2af8dd22201dd8d48e5dcfcaed281ff9422c7PKcertAvPCR10,hash:=SHA1(vPCR10,hash|| Lookforcertforhashf572d.... f572d396fae9206628714fb2ce00f72e94f2258f) Iffoundone(e.g.,certB),additsPK vPCR10,hash:vPCR10,cert:3a2fdfb2e10d4286a56715952340177c508b173cPKcertA,PKcertBISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization11 12. PropertyBasedAttestationwithvTPM Providercertisoneexampletousepropertycertificates Certificatesdescribethepropertiesforaparticularmeasurement IssuedbyaTrustedThirdParty 1.attest(nonce,i,...,j) VM6.(pcrData,nonce)Verifier 2.quote(vAIKID,nonce,i,...,j)5.(pcrData,nonce) vTPM3.prov=policy.askForProvider(i,...,j)4.sign[vAIKID](nonce,vPCRi,prov,...,vPCRj,prov) ISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization12 13. MigrationofVMandvTPMSecuremigrationneeded(confidentiality,integrity,authenticity) Example:moveprivateworkingenvironmenttohomePC PrivateWorkingClassifiedCorporateOnlineGaming EnvironmentEnvironment EnvironmentVMVMVMvTPM vTPM vTPMHypervisor(Xen3.1)Hypervisor(Xen3.2)Hardware(OfficePC) TPMTPMHardware(HomePC) ISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization 13 14. TrustedChannelbasedMigrationSourceplatformrequeststrustedchanneltodestinationCreatessecretencryptionkeyboundtoTPMandconfigurationof destinationplatform(assuranceaboutintegrityofendpoints)ConfigurationcanalsobepropertybasedReusableforseveralmigrations PrivateWorkingClassifiedCorporateOnlineGaming EnvironmentEnvironment EnvironmentVMVMVMvTPM vTPM vTPMHypervisor(Xen3.1)Hypervisor(Xen3.2) TrustedChannelHardware(OfficePC) TPMTPMHardware(HomePC) ISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization 14 15. TrustedChannelbasedMigrationSourceplatformrequeststrustedchanneltodestinationCreatessecretencryptionkeyboundtoTPMandconfigurationof destinationplatform(assuranceaboutintegrityofendpoints)ConfigurationcanalsobepropertybasedReusableforseveralmigrations PrivateWorkingClassifiedCorporateOnlineGaming EnvironmentEnvironment EnvironmentVMVMVMvTPM vTPM vTPMHypervisor(Xen3.1)Hypervisor(Xen3.2) TrustedChannelHardware(OfficePC) TPMTPMHardware(HomePC)TransferencryptedTPMstateviaTrustedChannel NoremappingofPCRsnecessary(becauseofpropertyproviders) ISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization 15 16. TrustedChannelbasedMigrationSourceplatformrequeststrustedchanneltodestinationCreatessecretencryptionkeyboundtoTPMandconfigurationof destinationplatform(assuranceaboutintegrityofendpoints)ConfigurationcanalsobepropertybasedReusableforseveralmigrationsClassifiedCorporatePrivateWorking OnlineGamingEnvironment Environment EnvironmentVM VM VM vTPM vTPMvTPMHypervisor(Xen3.1)Hypervisor(Xen3.2) TrustedChannelHardware(OfficePC) TPMTPMHardware(HomePC)TransferencryptedTPMstateviaTrustedChannel NoremappingofPCRsnecessary(becauseofpropertyproviders) ISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization 16 17. SummaryVM NewvTPMDesign TPMDriverTPM_CreateWrapKey() TPM_Extend(i,m) TPM_PCRRead(i) vTPMInterfaceManagementInterface CreateKey()Extend(i,m) PCRRead(i)crypto... migrate() Key Property CryptographicMigration ManagementManagementFunctionsControllerPropertyProviders PropertyFilter SoftwareKeyPropertyProvider1 vTPMKeyManagement HardwareKeyPropertyProvider2 ... ... ... PropertyProviderNvTPMPolicyvTPMPolicy TPMKey TPMNovelcomponentsforvTPM AllowstolinkhypervisortovTPMbasedonpropertiesDataavailabilityaftermigrationorsoftwareupdatesTrustedMigrationprotocolensuresbindingtotrustworthyplatform MoreflexibilityinkeyusageKeyManagementcandelegatekeyrequeststohardwareTPM UserdefinedpolicydecideswhichinformationtorevealPolicydefineswhichPropertyProvidertouseonattestation ISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization 17 18. Thankyouforyourattention!Questions?Contact:MarcelWinandy HorstGrtzInstituteforITSecurity RuhrUniversityBochum,Germany [email protected] ISC2008,Taipei/Taiwan MarcelWinandyPropertyBasedTPMVirtualization 18 19. BACKUP ISC2008,Taipei/Taiwan MarcelWinandyPropertyBasedTPMVirtualization 19 20. PropertyBasedSealing ISC2008,Taipei/Taiwan MarcelWinandyPropertyBasedTPMVirtualization 20 21. MigrationProtocolSourceplatformDestinationplatformvTPM MigrationControllingProcess MigrationControllingProcess' initiateMigration()create()vTPM'migrate()requestTrustedChannel() (PKBind,certBind)verify(PKBind,certBind) sk:=createKey()esk:=bind[PKBind](sk) s:=getState()es:=encrypt[sk](s) deleteKey(sk),deleteState()transfer(es,esk)destroy() sk:=unbind[PKBind](esk) s:=decrypt[sk](es) X setState(s)ISC2008,Taipei/Taiwan MarcelWinandyPropertyBasedTPMVirtualization21


Total Productive Maintenance TPM. AGENDA TPM Agenda »Introduction To TPM »Why – Benefits? »Typical Maintenance Strategies »What Does TPM Look Like? »How

(Total Productive Maintenance) TPM na Slovensku · TPM – AM (Autonomous Maintenance) TPM – EM (Preventive Maintenace) TPM – PM (Equipment management) Facility management Zavá

[MS-TPMVSC]: Trusted Platform Module (TPM) Virtual Smart ...€¦ · Trusted Platform Module (TPM) Virtual Smart Card Management Protocol Intellectual Property Rights Notice for Open

Mukand tpm

Cat.logo General de Productos 1999- · PDF fileIXSU/OXSU 36 kV Te r minal con control de campo incorpoado ... TPM 50/ 16 TPM 63/ 19 TPM 85/ 25 TPM 115/ 30 TPM 130/ 41 TPM 160/ 55 TPM

Advanced TPM

OPTIGA™ TPM SLB 9645 TPM 1.2 Data Sheet

TPM TRAINING

TCG TPM 2.0 Automotive-Thin Profile · Module (TPM). This specification of a TPM 2.0 Automotive-Thin Profile defines a TPM that is applicable to vehicle systems. This TPM 2.0 Automotive-Thin

TPM AOM-TPM-9670V AOM-TPM-9670H AOM-TPM … · TPM Users Guide Chapter 1: Introduction 1-1 Chapter 1 Introduction 1.1 Overview of the Trusted Platform Module (TPM) The Trusted Platform

TPM Literature

English TPM Glossary K C TPM Glossary TPM - jipm.or.jp · TPM Glossary Published by the ... General (not JIPM-Subscribers member) 4500JPY ... custom’s duties (depending on the

In Best Practices (RCM, TPM, RCFA, LUB) Maintenance Leadership...Module 11 : Understanding TPM • How TPM originated from Japan • TPM basic concept • 12 developmental steps of

TPM Introduction

TPM Nº14

 · 231 law+comm trans art art art art art art bio bio ... 127 history ill modern world (f2902) 211 art ... scra scrvl t pm tpm t pm tpm tpm tpm tpm tpm

OPTIGA™ TPM SLM 9670 TPM 2.0 Data Sheet

TPM - Supreme

Twisted Power Module – LM3886 (TPM-LM3886)twistedpearaudio.com/docs/legacy/tpm/tpm-lm3886.pdf · Twisted Power Module – LM3886 (TPM-LM3886) A Twisted Pear Audio Production Russ

TPM Booklet

TPM 2 - GIGABYTE GAMINGdownload1.gigabyte.ru/manual/motherboard_manual_tpm_c.pdfInfineon TPM Driver GIGABYTE Ultra TPM Infineon TPM Ultra TPM - 4 - 3. TPM BIOS Infineon Security Platform

TCG PC Client Platform TPM Profile Specification for TPM 2 · TCG PC Client Platform TPM Profile Specification for TPM 2.0 TCG PC Client Platform TPM Profile Specification for TPM

EMC Consulting - technical trainings · TPM Structure: TPM objectives, Types of maintenance, TPM benefits, Pillars of TPM (5S, Autonomous Maintenance, Focused Improvement, Planned

Tpm Concepts

Virtualization 101. What is Virtualization? Desktop Virtualization Server Virtualization Network Virtualization Storage Virtualization Application

In Best Practices (RCM, TPM, RCFA, LUB) Maintenance...Module 11 : Understanding TPM • How TPM originated from Japan • TPM basic concept • 12 developmental steps of TPM • Preparatory,

[Eng1]tpm guidebook(1 4)v1-sample_hd_trien_khai-tpm

Virtualization 101. What is Virtualization? Types of Virtualization Desktop Virtualization Server Virtualization Network Virtualization Storage Virtualization

Test Process Management (TPM) - TechSAT€¦ · TPM Concept 5 TPM Modules 6 TPM Creation ... TechSAT’s Test Process Management (TPM) ... TPM Test Process Management. 4

TPM / AM (Step1-3) Overview - · PDF file• What is TPM / AM? • TPM & GENESIS • 6 major activities of TPM • Overview of AM (Step 1-7) ... 4.KickOff Event – Review/create TPM

TPM Slogans

03 TPM Implementation in Each TPM Level(Complete)

TPM AOM-TPM-9655V AOM-TPM-9655V-S AOM-TPM-9655V-C AOM-TPM ...€¦ · 6/6/2018  · The Trusted Platform Module (TPM) is a special add-on module that may be installed onto most Supermicro

OPTIGA™ TPM SLB 9665 TPM 2.0 Data Sheet

TPM AOM-TPM-9671V AOM-TPM-9671H AOM-TPM-9671V(H)-S AOM-TPM … · 2018-06-11 · TPM Users Guide Chapter 1: Introduction 1-1 Chapter 1 Introduction 1.1 Overview of the Trusted Platform