Cosc 4765 Trusted Platform Module

What is TPM?
The TPM hardware, along with its supporting software and firmware, provides the platform root of trust.
–It is able to extend its trust to other parts of the platform by building a chain of trust, where each link extends its trust to the next one.

Hardware Crypto Capabilities
RSA Accelerator
–contains a hardware engine to perform up to 2048-bit RSA encryption/decryption.
–uses its built-in RSA engine during digital signing and key wrapping operations.
Engine for the SHA-1 hash algorithm
–uses its built-in hash engine to compute hash values of small pieces of data.
–Large pieces of data (such as a message) may be hashed outside of the TPM, for performance reasons.

Hardware Crypto Capabilities
Random Number Generator
–used to generate keys for various purposes.

Allows
Remote attestation
–creates a hash that summarizes the hardware and software configuration. Depends on the encryption software.
–This allows a third party to verify that the software has not been changed.

Allows (2)
Sealing encrypts data in such a way that it may be decrypted only if the TPM releases the right decryption key,
–which it only does if the exact same software is present as when it encrypted the data.
–Binding encrypts data using the TPM's endorsement key, a unique RSA key burned into the chip during its production, or another trusted key.

Allows (3)
Authentication of hardware devices.
–Since each TPM chip has a unique and secret RSA key burned in during production, it is capable of performing platform authentication.
–For example, it can be used to verify that the system seeking access is the expected system. So we can verify that the correct computer is attempting to access “something”.

Vista
With Ultimate and Enterprise editions
–Includes BitLocker software. Encrypts the boot volume.
–Provides integrity authentication for the trusted boot pathway (from BIOS to boot sector to start-up).

Example with MS Outlook

Example with MS Outlook (2)

File Encryption
A file can be encrypted using a standard RSA key pair stored by the TPM.
And again: the file can be encrypted using the TPM chip’s unique and secret RSA key. Now the file can only be decrypted by the system that encrypted it. It is bound to that system.
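The chain of trust, remote attestation, sealing and system-bound file encryption from the slides above, as an added Python simulation that is not part of the original presentation. It replaces the TPM's RSA keys with HMAC/SHA-256 stand-ins, and every key, nonce and boot-stage value is a constructed placeholder.

```python
import hashlib
import hmac

def pcr_extend(pcr, measurement):
    # Extend is the only way to change a PCR: new = SHA1(old || SHA1(measurement)).
    # Each boot stage measures the next before running it (the chain of trust on
    # the "What is TPM" slide); order matters and nothing can reset the register.
    return hashlib.sha1(pcr + hashlib.sha1(measurement).digest()).digest()

def measure_boot(stages):
    pcr = bytes(20)  # all zeros at power-on; the slides' SHA-1 PCRs are 20 bytes
    for code in stages:
        pcr = pcr_extend(pcr, code)
    return pcr

def quote(attest_key, nonce, pcr):
    # Remote attestation / platform authentication: the TPM signs the PCR value
    # together with a verifier-supplied nonce (stops replay of an old quote).
    # A real TPM signs with its burned-in RSA key; an HMAC stands in here.
    return hmac.new(attest_key, nonce + pcr, hashlib.sha1).digest()

def verify_quote(attest_key, nonce, expected_pcr, q):
    return hmac.compare_digest(quote(attest_key, nonce, expected_pcr), q)

def seal(tpm_key, pcr, secret):
    # Sealing: the wrapping key is derived from the TPM's secret key AND the PCR, so
    # the blob only unwraps on the same machine in the same software state (XOR toy).
    ks = hashlib.sha256(tpm_key + pcr).digest()
    if len(secret) > len(ks):
        raise ValueError("toy keystream covers at most 32 bytes")
    return pcr, bytes(a ^ b for a, b in zip(secret, ks))

def unseal(tpm_key, current_pcr, blob):
    sealed_pcr, ct = blob
    if not hmac.compare_digest(sealed_pcr, current_pcr):
        return None  # software changed since sealing: the TPM refuses to release it
    ks = hashlib.sha256(tpm_key + current_pcr).digest()
    return bytes(a ^ b for a, b in zip(ct, ks))

def demo():
    tpm_key = b"constructed-endorsement-key"  # placeholder for the burned-in key
    good_boot = [b"BIOS v1", b"boot sector", b"kernel loader"]
    pcr_good = measure_boot(good_boot)
    blob = seal(tpm_key, pcr_good, b"volume-encryption-key")
    nonce = b"verifier-nonce-0001"
    attested = verify_quote(tpm_key, nonce, pcr_good, quote(tpm_key, nonce, pcr_good))
    same_state = unseal(tpm_key, measure_boot(good_boot), blob)
    modified = measure_boot([b"BIOS v1", b"modified boot sector", b"kernel loader"])
    return attested, same_state, unseal(tpm_key, modified, blob)
```

Running `demo()` shows the quote verifying and the secret coming back only for the unmodified boot sequence; a changed boot sector yields a different PCR and the unseal is refused.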

Problems?
Issues with the file encryption? Issues with updates? General issues of privacy?

Q & A