English
Language : 

L12-TCPA-PALLADIUM Datasheet, PDF (8/12 Pages) List of Unclassifed Manufacturers – TCPA and Palladium
8
7 ARCHITECTURE
Input is secured by a trusted USB hub, for the keyboard and mouse, that carries on a protected
conversation with the nexus. Output is secured by a trusted GPU that carries on a crypto-protected
conversation with the nexus. This gives us “fingertip to eyeball security.”
Hardware Security Support
• Security Support Component (SSC)
– The security support component (SSC) is basically a smartcard soldered onto the moth-
erboard. It is like TCPA’s TPM.
– To make Palladium easily adoptable, the SSC costs $1 a unit so that it can be installed
in all machines.
– It must contain at least an AES key and an RSA key pair. In reality, it may contain two
to three AES keys and two to three RSA key pairs. These AES keys & RSA private keys
never leave the chip.
– It also contains registers: the PCR (platform configuration register) that contains the
digest of the running Nexus. The Nexus does not have to be loaded at boot. It can be
loaded later. All we care about Palladium is hashing the nexus. This can happen any
time after the machine has booted. So when you boot the nexus you hash the nexus and
put it in a hard register.
– The SSC must be close to the chipset (e.g. not a real smartcard) because it must be
involved in nexus initialization.
• Other security goodness
– RNG, counters, other key storage, crypto operations.
– There is no secure real-time clock. Best thing to do is to have a monotonically increasing
counter, which can be used to detect rollback.
What Palladium Provides
Palladium provides:
• Separate protected execution environments for apps (computing agents) that need higher se-
curity, through hardware-based memory isolation (i.e. the left hand side has no access to the
right hand side).
• Agents can be standalone, and provide services to other apps. The nexus is the gatekeeper
that lets messages pass back to the left hand side.
Palladium Core Features
All Palladium capabilities build off of four key features: