Trusted Computing BY: Sam Ranjbari Billy J. Garcia.


What is it?
Trusted Computing (TC) is an open standard for hardware-enabled trusted computing and security technologies. This means a more secure PC that only trusts the software creators, not the owner.

Trusted Computing
TC was created by the not-for-profit organization Trusted Computing Group (TCG), an alliance of Microsoft, Intel, IBM, HP, AMD and … A list can be found at this link bout/members/

What does Trust mean?
Trust means that something does as it is intended to do. TCG defines trust as “an entity can be trusted if it always behaves in the expected manner for the intended purpose”. For example, when you save or read something from your hard drive, you want the data to be written and read accurately like it is intended to be, but you have to trust it to write and read without errors.

Who do I trust? Me!
Today a computer trusts one of two entities in a user and hacker model. The user is trusted and the hacker is not.

Continue
But when does a computer know that the user is not doing something harmful? With TC, neither the user nor the hacker is trusted. This ensures that nothing is done that can compromise the security of the PC.

So how does TC work?
For TC to work you have to use the Trusted Computing Module (TPM), a hardware system where the core (root) of trust in the platform will reside. The TPM will be implemented using a security microchip that handles security with encryption.

Groups of secure hardware
The groups are memory curtaining, secure input and output, sealed storage, and remote attestation. It is also important to mention the concept of the endorsement key. The endorsement key is a 1,048-bit RSA private and public key pair that is created randomly on the microchip during the manufacturing of the chip. The private key is only used by the chip, while the public key is used for attestation and for the encryption of sensitive data sent to the chip.

Endorsement key
The key is used to allow secure transactions by the TPM using a protocol created by TCG. This prevents a TPM emulator from starting a trusted entity. The TPM is also designed to prevent extraction of the key by hardware analysis.

…Groups of secure hardware
Memory curtaining is hardware-enforced memory isolation that will prevent software from being able to read or write to other software’s memory. Today hackers can read memory and alter applications’ memory to do evil deeds that are not intended.

…Groups of secure hardware
Secure input and output will prevent threats such as intruders’ key loggers or screen grabbers. Using encrypted input and output will prevent the intruders from being able to see what the user types or what is on the user’s screen, because the input from the keyboard to the software and the output from the software to the screen are encrypted.

…Groups of secure hardware
Today’s storage is insecure because cryptographic keys are stored on a hard drive that intruders can access. Users’ passwords, documents, and other information are also unprotected on today’s storage.

…Groups of secure hardware
With sealed storage the keys are generated using the hardware and the software. For example, when you install a client on a set of hardware, a key is generated and used for the data that is saved and read from the client. If a virus is running on the PC it will not be able to read the data, because the virus and the hardware combo generate a different key!
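The sealed-storage idea above as an added sketch, not taken from the original slides: the key is derived from a device secret plus the hash of the requesting software, so a different program on the same hardware gets a different key. `DEVICE_SECRET`, the sample program images and the HMAC-based cipher (a standard-library stand-in for real authenticated encryption inside a TPM) are assumptions made for illustration.

```python
import hashlib, hmac, os

# Constructed stand-in for a secret that never leaves the chip (assumption).
DEVICE_SECRET = bytes.fromhex("00112233445566778899aabbccddeeff")
CLIENT = b"client 1.0 program image (constructed sample)"
VIRUS = b"virus program image (constructed sample)"

def prf(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def sealing_key(software: bytes) -> bytes:
    """Key bound to this hardware (secret) and this software (its hash)."""
    return prf(DEVICE_SECRET, hashlib.sha256(software).digest())

def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (prf(key, nonce + i.to_bytes(4, "big")) for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def seal(data: bytes, software: bytes) -> bytes:
    key = sealing_key(software)
    enc_key, mac_key = prf(key, b"enc"), prf(key, b"mac")
    nonce = os.urandom(16)
    ct = xor(data, keystream(enc_key, nonce, len(data)))
    return nonce + ct + prf(mac_key, nonce + ct)      # nonce | ciphertext | tag

def unseal(blob: bytes, software: bytes) -> bytes:
    if len(blob) < 48:
        raise ValueError("blob too short")
    key = sealing_key(software)       # recomputed from whoever is asking
    enc_key, mac_key = prf(key, b"enc"), prf(key, b"mac")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, prf(mac_key, nonce + ct)):
        raise PermissionError("different software or hardware: key does not match")
    return xor(ct, keystream(enc_key, nonce, len(ct)))
```

Sealing with `CLIENT` and unsealing with `VIRUS` raises `PermissionError`, because the two program images hash to different values and therefore derive different keys.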

…Groups of secure hardware
With remote attestation, the hardware generates a certificate of the software installed and running on a computer. This allows software writers to check and ensure that their software is unmodified and has not been hacked. The identity of the software is verified with a hash that will change if the software has been changed. Since the hash is compared to a remote hash, the intruder has no way of forging altered software.
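The attestation check described above, as an added sketch that is not from the original slides: the device signs the hash of the running software together with a verifier-chosen nonce, and the verifier checks the signature before comparing the hash to its reference. The key pair is a constructed toy (textbook RSA over two Mersenne primes, no padding) and all function names are assumptions; a real TPM uses its own protected keys and the TCG protocol.

```python
import hashlib

# Constructed toy key pair standing in for the chip's key (assumption):
# two Mersenne primes, textbook RSA without padding. Not a secure key.
P, Q, E = 2**127 - 1, 2**521 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, stays "in the chip"

GOOD = b"media player 2.0 program image (constructed sample)"
MODIFIED = b"media player 2.0 program image, patched (constructed sample)"

def measure(software: bytes) -> bytes:
    """Hash that identifies the software; any change to it changes the hash."""
    return hashlib.sha256(software).digest()

def digest_int(nonce: bytes, measurement: bytes) -> int:
    return int.from_bytes(hashlib.sha256(nonce + measurement).digest(), "big")

def quote(nonce: bytes, running_software: bytes):
    """Device side: report the measurement, signed together with the nonce."""
    m = measure(running_software)
    return m, pow(digest_int(nonce, m), D, N)

def verify(nonce: bytes, measurement: bytes, signature: int,
           reference_software: bytes) -> bool:
    """Verifier side: check the signature, then compare with the reference hash."""
    if pow(signature, E, N) != digest_int(nonce, measurement):
        return False                  # report was altered, forged or replayed
    return measurement == measure(reference_software)
```

A report produced for `MODIFIED` fails the hash comparison, and swapping in the hash of `GOOD` without the private key fails the signature check.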

Trusted Computing
TC is not only used for PCs; it is also going to be used for more hardware such as set-top boxes, mobile phones, servers, storage devices, networks and more.

Trusted Computing
So when will we see TC being used? For TC to work you have to have hardware with the TPM, and software to work with the TPM. Windows Vista is the next generation operating system by Microsoft that will make use of TC, although Microsoft likes to call it Trustworthiness.

Trusted Computing
So far both AMD and Intel are working on a new processor to use TPM. Well, who would want to use TC? So far the computer industry is supporting TC and the Army wants all of their computers by 2010 to use a secure model such as TC.

Use of Trusted Computing
Other software that uses TC includes openTC, EMSCB, Forum for Open SW based TC, Enforcer, Next-Generation Secure Computing Base (NGSCB), TrouSerS – The open-source TCG Software Stack, and Trusted Java.

Conclusion
Trusted Computing is an industry standard created to protect a user from intruders and unsafe actions. With Trusted Computing the PC will decide who should be trusted and what is safe and unsafe using the Trusted Platform Module. By default no one is trusted except the hardware and the software publishers. Not even the PC users are trusted. TC was created for our benefit, for sure…
