Trusted Computing Platforms

1
Trusted Computing Platforms

• Blessing or Curse?

by Bastian Sopora, Seminar DRM 2006
2
Agenda

• Introduction
• Defining trust and its different flavours
• The idea of Trusted Computing Platforms
• Technicalities of TCP
• Conceptual problems with TCP
• TCP DRM
• Summary Discussion

3
Introduction

• What is a Trusted Computing Platform?

4
Introduction

• What is a Trusted Computing Platform?
• A computer with some kind of additional hardware,
  that serves to protect the system from malicious
  software or unintended / undesired use.

5
Agenda

• Introduction
• Defining trust and its different flavours
• The idea of Trusted Computing Platforms
• Technicalities of TCP
• Conceptual problems with TCP
• TCP DRM
• Summary Discussion

6
What is trust?

• Trusted vs. Trustworthy
• The nature of trust
• Technical Trust
• Computers are predictable

7
Trustworthy earned trust

• User has a reason to trust in a Systems behavior
• Impossible to compromise data
• Previous behaviour and standards deserve trust

8
Trusted forced trust

• User has no other choice but to trust the system
• Black box
• No alternatives
• "A 'trusted' computer does not mean a computer
  that is trustworthy." Bruce Schneier

9
Technical Trust

• Device does what it is supposed to do
• an entity can be trusted if it always behaves in
  the expected manner for the intended purpose
  TCG
• i.g. Harddrive controller

10
Agenda

• Introduction
• Defining trust and its different flavours
• The idea of Trusted Computing Platforms
• Technicalities of TCP
• Conceptual problems with TCP
• TCP DRM
• Summary Discussion

11
Supporters

• Trusted Computing Group
• Formerly known as Trusted Computing platform
  alliance
• AMD, Hewlett-Packard, IBM, Infineon, Intel,
  Lenovo, Microsoft, and Sun Microsystems

12
TCP pure intentions

• Make computers safer, more reliable
• Protect from viruses, malware
• Protect from hackers, unauthorized access

13
Opponents

• Computer security experts
• Richard Stallman (GNU)
• Ross J. Anderson (Cambridge U., UK)
• Bruce Schneier (Comp.Sec. Author)

14
TCP not as good as it seems?

• Trust in the driving factors of TCP is undeserved
• TCP gives system and software designers too much
  control and power
• Undue Censorship possible

15
A quick survey

• Who uses...
• ...AMD / Intel processors?
• ...Microsoft / Apple OS?
• Think about whether you trust them or not!

16
Agenda

• Introduction
• Defining trust and its different flavours
• The idea of Trusted Computing Platforms
• Technicalities of TCP
• Conceptual problems with TCP
• TCP DRM
• Summary Discussion

17
The simple TC-life

• Trusted Platform Module
• One chip solution
• Open specifications

18
The TCG Guidelines

• Trusted Platform Module provides
• Secure Input Output
• Memory curtaining / Protected execution
• Sealed storage
• Remote attestation

19
The Guidelines I

• Secure Input Output
• Secure channel between user and software
• Avoid keyloggers, screenparsers etc.

20
The Guidelines II

• Memory Curtaining
• Block access to memory for all other software
• Even OS access is denied

21
The Guidelines III

• Sealed Storage
• Encrypt files using key derived from software
  hardware

22
The Guidelines IV

• Remote Attestation
• Certificate generated by the Trusted Platform
  Module
• Hardware has not been tampered with
• What software is running
• (active point of view)

23
Agenda

• Introduction
• Defining trust and its different flavours
• The idea of Trusted Computing Platforms
• Technicalities of TCP
• Conceptual problems with TCP
• TCP DRM
• Summary Discussion

24
Reflection

• What does TC do?
• What could it do?
• How does it work?

25
Additional Concepts

• Remote Attestation
• (passive point of view)
• Owner Override

26
Remote Attestation

• What is running?
• Is XYZ running...?
• ...on machine UVW?

27
Owner Override

• Allow owner to disable functions
• Allow owner to overide actions

28
Controversies

• Remote Censorship
• Freedom of Software Choice
• Limitations on Data Information
• Identifiability
• TCP Digital Licensing

29
Remote Censorship

• Software creators instead of users control data
  objects
• Data objects may be deleted without users
  consent
• Data objects distribution may be prevented

30
Software Choice

• Information created with Software A may be locked
  from all other software
• Data Objects may require Software A although they
  are of a common type

31
Limitations on Users Data

• No migration
• Software requiring newest software versions
• Data requiring spyware

32
Identifiability on the Internet

• Remote Attestation
• Collect information?
• Free Speech
• Direct Anonymous Attestation

33
Limitations on Information

• Enforcing Fair Use Policy
• Limiting file formats to certain software
• Microsoft DRM making use of TC

34
TCP and Digital Licensing

• Relies on Sealed Storage Memory Curtaining
• Relies on Remote Attestation

35
TCP and Digital Licensing Scenario 1

• Concept Enforcing Fair Use Policy
• Restriction of Use
• Restrictions on replay
• Playability linked to users behaviour

36
TCP and Digital Licensing Scenario II

• Concept Spyware
• Marketing Trap
• Evolving Fair Use Policy

37
Impracticality

• Constant Owner Overrides
• ?Disabled features
• Fear of control, what if...
• ...the controling party is evil
• ...the hardware fails
• Frequent new developments
• ?outdated technology

38
Agenda

• Introduction
• Defining trust and its different flavours
• The idea of Trusted Computing Platforms
• Technicalities of TCP
• Conceptual problems with TCP
• TCP DRM
• Summary Discussion

39
Survey Results

• Do you trust Intel, Microsoft, AMD, Apple etc.?

A They pay me
B Forced Trust
C Earned Trust
D I dont use computers
40
Survey Results

• Do you trust Intel, Microsoft, AMD, Apple etc.?
• 50/50 joker

B Forced Trust
C Earned Trust
41
Survey Results

• Do you trust Intel, Microsoft, AMD, Apple etc.?
• Audience joker

B Forced Trust
C Earned Trust