Upload File

property-based tpm virtualization

21
Marcel Winandy  -  Property-Based TPM Virtualization 1 ISC 2008, Taipei/Taiwan Property-Based TPM Virtualization Ahmad-Reza Sadeghi, Christian Stüble*, Marcel Winandy Horst Görtz Institute for IT Security Ruhr-University Bochum, Germany * Sirrix AG security technologies Bochum, Germany

Upload: marcel-winandy

Post on 22-Jan-2015

1.045 views

Category:

Documents


0 download

Report

Tags:

DESCRIPTION

Presentation of a paper at ISC 2008. Modification of a virtual TPM design to support more flexible key management and migration support for virtual machines.

TRANSCRIPT

  • 1. PropertyBasedTPMVirtualizationAhmadRezaSadeghi,ChristianStble*,MarcelWinandyHorstGrtzInstituteforITSecurity RuhrUniversityBochum,Germany*SirrixAGsecuritytechnologies Bochum,Germany ISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization 1

2. Introduction:VirtualizationFeaturesStandardizedoperatingsystemsonvarioushardwareplatformsVirtualmachines:suspend&resume,migrationSecurity:isolationofvirtualmachinesApplicationscenario:corporate/privatecomputing Isolatedworkloadsforprivateandcorporateworking IsolatedworkloadsfordifferentsecuritylevelsLinuxLinux WindowsLinux Windows Hypervisor Hypervisor Hardware HardwareISC2008,Taipei/Taiwan MarcelWinandyPropertyBasedTPMVirtualization 2 3. Introduction:TrustedComputing(TPM)TPM:cheap,tamperevidenthardwaresecuritymodule Cryptographicfunctions(RSA,SHA1,keygeneration,RNG) Protectedstorageforsmalldata(e.g.keys) Specialkeys:EndorsementKey(EK)andStorageRootKey(SRK)AuthenticatedBoot(recordingintegritymeasurements) MeasurementsstoredinPlatformConfigurationRegisters(PCRs) Eachcomponentmeasuresnextcomponent(chainoftrust)hash Appsstorehash hashOSTPM BootLoaderstorehash hashPCRsBIOSstorehash SRK hash storehash EK CRTM AttestationandSealing AttestationIdentityKey(AIK)signsPCRsfor(remote)attestation BindingkeyisusedtoencryptdatatothecurrentPCRvalues(decryptingonlypossiblewithsamePCRstates) ISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization 3 4. Introduction:VirtualTPM(vTPM)EachVMshouldbeabletouseTPMProvidingprotectedstorageandcryptocoprocessorAssuranceaboutthebootedhypervisorandvirtualmachinesSupportformigration PrivateWorking UnclassifiedCorporateClassifiedCorporateEnvironmentEnvironmentEnvironment VMVM VMHypervisor TPMHardwareISC2008,Taipei/Taiwan MarcelWinandyPropertyBasedTPMVirtualization 4 5. Introduction:VirtualTPM(vTPM)EachVMshouldbeabletouseTPMProvidingprotectedstorageandcryptocoprocessorAssuranceaboutthebootedhypervisorandvirtualmachinesSupportformigration VirtualizationoftheTPMEmulationinsoftware,butbindingtoVMandhardwareTPMPrivateWorking UnclassifiedCorporate ClassifiedCorporateEnvironmentEnvironment Environment VMVMVMTPMDriver TPMDriverTPMDrivervTPMvTPMvTPM Hypervisor TPM HardwareISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization5 6. ShortcomingsofExistingvTPMSolutions MigrationProtecteddataboundtobinaryrepresentationofhypervisor VM'sdatamaybeunavailableaftermigrationtoanotherplatform KeysDifferentiatedstrategiesforkeygenerationmissing someITenvironmentsdemandhardwareprotectedkeys wherasotherswouldbenefitfromflexibilityofsoftwarekeys PrivacyRevealinginformationaboutsystemconfiguration (v)TPMrevealsinformationduringremoteattestationofPCRvalues Profiling(securityrisk)anddiscriminationpossible ISC2008,Taipei/Taiwan MarcelWinandyPropertyBasedTPMVirtualization 6 7. NewvTPMDesignAddingnewcomponentstointernalvTPMdesign:PropertyManagementRepresentationofvirtualPCRsDifferentmechanismstostoreandreadvaluesRealizingpropertybasedattestationandsealingKeyManagementCreatingandloadingcryptographickeysSupportssoftwarekeysorkeysofphysicalTPMvTPMPolicyUserdefinedpolicyofthevTPMinstanceISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization 7 8. FlexiblevTPMArchitectureVM TPMDriverTPM_CreateWrapKey()TPM_Extend(i,m)TPM_PCRRead(i) vTPMInterface ManagementInterfaceCreateKey() Extend(i,m) PCRRead(i)crypto... migrate()Key PropertyCryptographicMigrationManagementManagement FunctionsControllerPropertyFilter SoftwareKeyPropertyProvider1HardwareKeyPropertyProvider2 vTPM... ... ...PropertyProviderNvTPMPolicy Hypervisor TPMKeyTPMNovelcomponentsforvTPMISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization8 9. PropertyProvidersEachpropertyproviderhasitsownPCRvectorHowtostorevaluesisuptoeachimplementationThisresultsinamatrixofvPCRsvTPMPolicydecideswhichvectortouseonwhichoperationvTPMInstance PropertyProvider1 PropertyProviderjPropertyProviderN vPCR[0] ... ... vPCR[1] ... ... Mapping ...... ... vPCR[n] ... ...Initialization TPM ApplyingallpropertyproviderstobuildthevPCRmatrixPCRs EachPropertyProvidercanimplementadifferentmapping ISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization9 10. ChangingtheMeasurementFunctionPCRextensionfunctionoftheTPM:Extend(i,m):PCRiSHA1(PCRi||m)GeneralizingthisforeachProviderj:Providerj.Extend(i,m):vPCRi,jtranslatej(vPCRi,j,m)Examples:translatehash()ishashinglikeinhardwareTPMtranslatecert()looksforacertificateandstoresthepublickey ISC2008,Taipei/Taiwan MarcelWinandyPropertyBasedTPMVirtualization 10 11. PCRExtension:ExampleVMOSmeasuresafileandwantstoextendthemeasurementinPCR10ofthevTPM TPM_Extend(10,f572d396fae9206628714fb2ce00f72e94f2258f) PropertyManagementofvTPMinstancecallseachPropertyProvidervPCR10,hashofProviderhashvPCR10,certofProvidercert09d2af8dd22201dd8d48e5dcfcaed281ff9422c7PKcertAvPCR10,hash:=SHA1(vPCR10,hash|| Lookforcertforhashf572d.... f572d396fae9206628714fb2ce00f72e94f2258f) Iffoundone(e.g.,certB),additsPK vPCR10,hash:vPCR10,cert:3a2fdfb2e10d4286a56715952340177c508b173cPKcertA,PKcertBISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization11 12. PropertyBasedAttestationwithvTPM Providercertisoneexampletousepropertycertificates Certificatesdescribethepropertiesforaparticularmeasurement IssuedbyaTrustedThirdParty 1.attest(nonce,i,...,j) VM6.(pcrData,nonce)Verifier 2.quote(vAIKID,nonce,i,...,j)5.(pcrData,nonce) vTPM3.prov=policy.askForProvider(i,...,j)4.sign[vAIKID](nonce,vPCRi,prov,...,vPCRj,prov) ISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization12 13. MigrationofVMandvTPMSecuremigrationneeded(confidentiality,integrity,authenticity) Example:moveprivateworkingenvironmenttohomePC PrivateWorkingClassifiedCorporateOnlineGaming EnvironmentEnvironment EnvironmentVMVMVMvTPM vTPM vTPMHypervisor(Xen3.1)Hypervisor(Xen3.2)Hardware(OfficePC) TPMTPMHardware(HomePC) ISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization 13 14. TrustedChannelbasedMigrationSourceplatformrequeststrustedchanneltodestinationCreatessecretencryptionkeyboundtoTPMandconfigurationof destinationplatform(assuranceaboutintegrityofendpoints)ConfigurationcanalsobepropertybasedReusableforseveralmigrations PrivateWorkingClassifiedCorporateOnlineGaming EnvironmentEnvironment EnvironmentVMVMVMvTPM vTPM vTPMHypervisor(Xen3.1)Hypervisor(Xen3.2) TrustedChannelHardware(OfficePC) TPMTPMHardware(HomePC) ISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization 14 15. TrustedChannelbasedMigrationSourceplatformrequeststrustedchanneltodestinationCreatessecretencryptionkeyboundtoTPMandconfigurationof destinationplatform(assuranceaboutintegrityofendpoints)ConfigurationcanalsobepropertybasedReusableforseveralmigrations PrivateWorkingClassifiedCorporateOnlineGaming EnvironmentEnvironment EnvironmentVMVMVMvTPM vTPM vTPMHypervisor(Xen3.1)Hypervisor(Xen3.2) TrustedChannelHardware(OfficePC) TPMTPMHardware(HomePC)TransferencryptedTPMstateviaTrustedChannel NoremappingofPCRsnecessary(becauseofpropertyproviders) ISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization 15 16. TrustedChannelbasedMigrationSourceplatformrequeststrustedchanneltodestinationCreatessecretencryptionkeyboundtoTPMandconfigurationof destinationplatform(assuranceaboutintegrityofendpoints)ConfigurationcanalsobepropertybasedReusableforseveralmigrationsClassifiedCorporatePrivateWorking OnlineGamingEnvironment Environment EnvironmentVM VM VM vTPM vTPMvTPMHypervisor(Xen3.1)Hypervisor(Xen3.2) TrustedChannelHardware(OfficePC) TPMTPMHardware(HomePC)TransferencryptedTPMstateviaTrustedChannel NoremappingofPCRsnecessary(becauseofpropertyproviders) ISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization 16 17. SummaryVM NewvTPMDesign TPMDriverTPM_CreateWrapKey() TPM_Extend(i,m) TPM_PCRRead(i) vTPMInterfaceManagementInterface CreateKey()Extend(i,m) PCRRead(i)crypto... migrate() Key Property CryptographicMigration ManagementManagementFunctionsControllerPropertyProviders PropertyFilter SoftwareKeyPropertyProvider1 vTPMKeyManagement HardwareKeyPropertyProvider2 ... ... ... PropertyProviderNvTPMPolicyvTPMPolicy TPMKey TPMNovelcomponentsforvTPM AllowstolinkhypervisortovTPMbasedonpropertiesDataavailabilityaftermigrationorsoftwareupdatesTrustedMigrationprotocolensuresbindingtotrustworthyplatform MoreflexibilityinkeyusageKeyManagementcandelegatekeyrequeststohardwareTPM UserdefinedpolicydecideswhichinformationtorevealPolicydefineswhichPropertyProvidertouseonattestation ISC2008,Taipei/TaiwanMarcelWinandyPropertyBasedTPMVirtualization 17 18. Thankyouforyourattention!Questions?Contact:MarcelWinandy HorstGrtzInstituteforITSecurity RuhrUniversityBochum,Germany [email protected] ISC2008,Taipei/Taiwan MarcelWinandyPropertyBasedTPMVirtualization 18 19. BACKUP ISC2008,Taipei/Taiwan MarcelWinandyPropertyBasedTPMVirtualization 19 20. PropertyBasedSealing ISC2008,Taipei/Taiwan MarcelWinandyPropertyBasedTPMVirtualization 20 21. MigrationProtocolSourceplatformDestinationplatformvTPM MigrationControllingProcess MigrationControllingProcess' initiateMigration()create()vTPM'migrate()requestTrustedChannel() (PKBind,certBind)verify(PKBind,certBind) sk:=createKey()esk:=bind[PKBind](sk) s:=getState()es:=encrypt[sk](s) deleteKey(sk),deleteState()transfer(es,esk)destroy() sk:=unbind[PKBind](esk) s:=decrypt[sk](es) X setState(s)ISC2008,Taipei/Taiwan MarcelWinandyPropertyBasedTPMVirtualization21


English TPM Glossary K C TPM Glossary TPM - jipm.or.jp · TPM Glossary Published by the ... General (not JIPM-Subscribers member) 4500JPY ... custom’s duties (depending on the

OPTIGA™ TPM SLB 9645 TPM 1.2 Data Sheet

TPM Booklet

tpm guide e - Toshiba · 4 TPM Installation Guide 1 Introduction Your computer has an integrated Trusted Platform Module (TPM). To activate TPM, you will …

OPTIGA™ TPM SLB 9665 TPM 2.0 Data Sheet

TPM Literature

Smart TPM · 2010-04-14 · - 4 - 2. Installing the Infineon TPM Driver and the Smart TPM Utility Before you use the Smart TPM utility, ensure that the Infineon TPM driver and the

TPM · 2012-02-01  · TPM – OEE Calculation TPM metrics: OEE (Overall Equipment Effectiveness) is the basic indicator used to evaluate TPM. The formulas are: OEE = Availability

03 TPM Implementation in Each TPM Level(Complete)

TPM Introduction

Cat.logo General de Productos 1999- · PDF fileIXSU/OXSU 36 kV Te r minal con control de campo incorpoado ... TPM 50/ 16 TPM 63/ 19 TPM 85/ 25 TPM 115/ 30 TPM 130/ 41 TPM 160/ 55 TPM

In Best Practices (RCM, TPM, RCFA, LUB) Maintenance...Module 11 : Understanding TPM • How TPM originated from Japan • TPM basic concept • 12 developmental steps of TPM • Preparatory,

TPM AOM-TPM-9671V AOM-TPM-9671H AOM-TPM-9671V(H)-S AOM-TPM … · 2018-06-11 · TPM Users Guide Chapter 1: Introduction 1-1 Chapter 1 Introduction 1.1 Overview of the Trusted Platform

Test Process Management (TPM) - TechSAT€¦ · TPM Concept 5 TPM Modules 6 TPM Creation ... TechSAT’s Test Process Management (TPM) ... TPM Test Process Management. 4

TPM TRAINING

OPTIGA™ TPM SLM 9670 TPM 2.0 Data Sheet

TPM Nº14

(Total Productive Maintenance) TPM na Slovensku · TPM – AM (Autonomous Maintenance) TPM – EM (Preventive Maintenace) TPM – PM (Equipment management) Facility management Zavá

Total Productive Maintenance (TPM) - JICA Alumnijica-alumni.ro/resurse/tpm.pdf · TPM Third Country TC-print 9 TPM ( TOTAL PRODUCTIVE MAINTENANCE ) ˜ TPM target is to maximize the

Virtualization Technique Virtualization Technique System Virtualization Memory Virtualization

Virtualization 101. What is Virtualization? Types of Virtualization Desktop Virtualization Server Virtualization Network Virtualization Storage Virtualization

TCG PC Client Platform TPM Profile Specification for TPM 2 · TCG PC Client Platform TPM Profile Specification for TPM 2.0 TCG PC Client Platform TPM Profile Specification for TPM

EMC Consulting - technical trainings · TPM Structure: TPM objectives, Types of maintenance, TPM benefits, Pillars of TPM (5S, Autonomous Maintenance, Focused Improvement, Planned

TPM AOM-TPM-9655V AOM-TPM-9655V-S AOM-TPM-9655V-C AOM-TPM ...€¦ · 6/6/2018  · The Trusted Platform Module (TPM) is a special add-on module that may be installed onto most Supermicro

Tpm Concepts

In Best Practices (RCM, TPM, RCFA, LUB) Maintenance Leadership...Module 11 : Understanding TPM • How TPM originated from Japan • TPM basic concept • 12 developmental steps of

[Eng1]tpm guidebook(1 4)v1-sample_hd_trien_khai-tpm

Tpm updated

Twisted Power Module – LM3886 (TPM-LM3886)twistedpearaudio.com/docs/legacy/tpm/tpm-lm3886.pdf · Twisted Power Module – LM3886 (TPM-LM3886) A Twisted Pear Audio Production Russ

TPM AOM-TPM-9670V AOM-TPM-9670H AOM-TPM … · TPM Users Guide Chapter 1: Introduction 1-1 Chapter 1 Introduction 1.1 Overview of the Trusted Platform Module (TPM) The Trusted Platform

Mukand tpm

TPM - Supreme

TPM Slogans

TCG TPM 2.0 Automotive-Thin Profile · Module (TPM). This specification of a TPM 2.0 Automotive-Thin Profile defines a TPM that is applicable to vehicle systems. This TPM 2.0 Automotive-Thin

 · 231 law+comm trans art art art art art art bio bio ... 127 history ill modern world (f2902) 211 art ... scra scrvl t pm tpm t pm tpm tpm tpm tpm tpm