Presentation is loading. Please wait.

Presentation is loading. Please wait.

Trusted Component Deployment Trusted Components Bernd Schoeller January 30 th, 2006.

Published byBeverly Moris Norris Modified over 8 years ago

Similar presentations

Presentation on theme: "Trusted Component Deployment Trusted Components Bernd Schoeller January 30 th, 2006."— Presentation transcript:

1 Trusted Component Deployment Trusted Components Bernd Schoeller January 30 th, 2006

2 Code from the Web ➢ Can I trust the software on my machine, knowing that there are “very bad people” out there ? ● risk of malicious code ● risk of insecure code ● risk of misbehaving code

3 Overview ➢ Cryptographic crash course ➢ Component deployment technologies ● signed binaries ● public key infrastructure ● trusted computing ● processes and virtual machines ➢ Next week: proof-carrying code

4 Cryptographic Crash Course ➢ Encryption / Decryption Hello World xrundctba asjfijas43 xrundctba asjfijas43 Hello World

5 Cryptographic Crash Course ➢ Symmetric Encryption Hello World xrundctba asjfijas43 xrundctba asjfijas43 Hello World = “shared secret”

6 Cryptographic Crash Course ➢ Asymmetric Encryption Hello World xrundctba asjfijas43 xrundctba asjfijas43 Hello World = “private key”= “public key” = “key pair”+

7 Hash Function Hello World 4711 Hallo World 0815 = “hash function” 4711 = “hash value”

8 Digital Signatures (very short) Hello World 4711 4654 Hello World 4654 4711 equal ?

9 Using Hash Values for Trust

10

11 Bad guy TM

12 “Man in the Middle” Attack Request hash value for X The hash value for X is H Bad guy TM Request hash value for X The hash value for X is H'

13 Signed Binaries ➢ A signed binary can be authenticated to come from a certain source ● trust developer, but not deployment channel ● safe for “man in the middle” attack ● automatic check ● liability and damages

14 The Next Problem ➢ How do we get the public keys to the users ?

15 PKI ➢ “Public Key Infrastructure”: an global or local arrangement that provides the vetting of, and the vouching for user identities and the connected distribution of public keys. ➢ Types of PKI ● Hierarchical ● Distributed

16 Hierarchical PKIs Central Authority Central Authority Key Issuer signs the public keys of CAs: VeriSign, BSI

17 Distributed PKIs ➢ “Chain of Trust” ● all participants of a security network start to sign each others keys ● a key is officially seen as valid if ● signed by myself ● signed by “enough” other key holders, which are trusted by myself

18 PGP “Web of Trust” ➢ Levels of trust ● untrusted: signatures with this key are ignored ● marginal: 2 signatures make a key valid ● complete/unlimited: signatures with this key make a key valid

19 APT Secure ➢ APT is the standard package distribution tool of the Debian linux distribution ➢ Packages can be distributed world-wide ➢ User are encouraged to use a local package server with good connectivity ➢ Authenticity of packages automatically validated with digital signatures

20 APT Secure (cont.) Maintainer Debian Developer Software 3476 Software 3476 Packages Release Packages Release Packages User

21 Trusted Computing ➢ Definition I: System that lets the user verify/control the software that he is running on his machine ➢ Definition II: System that lets the manufacturer verify/control the software that the user is running on his machine Not part of this lecture

22 Trusted Computing (cont.) ➢ Integrate a chip into computers that can ● supervise the boot process ● safely store (write only) keys ● verify signatures of code before execution ➢ Integrated into many IBM Thinkpad notebooks ➢ Driver available for Linux (tpm) ● Part of Linux Kernel 2.6.12-rc2 or later

23 Untrusted Execution ➢ Can we execute code that we do not trust ? ● separate the code execution from the rest of the system ● control access to resources (CPU, memory, IO) ● support the user in assessing computational results

24 Assessing Computational Results Am I trustworthy?

25 UNIX Processes ➢ Traditional system separation ● code execution is associated with a user account ● control hardware resources (ulimit) ● IO access controlled by “user mode” ● CPU resource controlled by scheduler ● memory access controlled by MMU

26 Virtual Machines ➢ Hardware support not needed ● Code JIT compiled or interpreted ➢ Byte-code allows static analysis ➢ Code verification at load time ● verified code can disable monitoring ➢ JIT compiler can integrate run-time checks ➢ Fine-grained verification

27 Examples of Virtual Machines ➢ JVM,.NET ➢ JavaScript ➢ Postscript ➢ Online Games: Quake, UT, Doom, Half-Life

28 Summary ➢ We have to be careful about the code that is executed on our machines ● There are many reasons not to trust code that others give you ● Dynamic systems require complex deployment and verification mechanisms

Download ppt "Trusted Component Deployment Trusted Components Bernd Schoeller January 30 th, 2006."

Similar presentations

Security Issues of Peer-to-Peer Systems February 14, 2001 OReilly Peer-to-Peer Conference Nelson Minar, CTO POPULAR POWER.

Security Issues of Peer-to-Peer Systems February 14, 2001 OReilly Peer-to-Peer Conference Nelson Minar, CTO POPULAR POWER.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Vpn-info.com.

Vpn-info.com.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Java Applet Security Diana Dong CS 265 Spring 2004.

Java Applet Security Diana Dong CS 265 Spring 2004.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.

 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.
CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)

Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)
November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.

November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
Cryptographic Technologies

Cryptographic Technologies
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Three.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Three.
Introduction to PKI Mark Franklin September 10, 2003 Dartmouth College PKI Lab.

Introduction to PKI Mark Franklin September 10, 2003 Dartmouth College PKI Lab.

Similar presentations

Ads by Google