 English |
|
|
|
|
|
|
|
| L12-TCPA-PALLADIUM Datasheet, PDF (9/12 Pages) List of Unclassifed Manufacturers – TCPA and Palladium | |||
| |||
| ◁ |
9
⢠Strong process isolation
⢠Root key for persistent secret protection
⢠Secure path to and from user
⢠Attestation
The ï¬rst three are needed to protect against malicious code (viruses, Trojans, etc.). Attestation
breaks new ground. With attestation, facts about âthingsâ (software, users, machines, services) can
be proved to (and believed by) remote entities.
Code Identity
OS Identity:
⢠Keep hardware simple
⢠The SSC/chipset measures the digest of the nexus on âsecure initiationâ
Application Identity:
⢠Could use a digest, but we actually use a âmanifestâ which simpliï¬es management (A âmani-
festâ is a signed statement of hashes)
Sealed Storage
Sealed storage allows software to keep long-lived secrets safe from other software running on the
host.
⢠Sealed storage uses an encryption technology, but itâs more than simple encryption
â The security chip has very little storage (just room for keys)
â Letâs say I have a banking application that I want to protect. How can it encrypt its stuï¬
and then hide its key?
⢠An OS/nexus can keep secrets from other OSâs
â We involve the secret key in the chip (that no one ever gets to see since itâs baked in
at build) in the encryption. Forgetting the banking application for now, letâs say Iâm a
Nexus and I want to encrypt something, so I ask the SSC. It uses its AES key and it
brands it with my hash value (the hash of myself, the nexus) and now it will only give
the data back to me since Iâm the only one that hashes to the proper value. The SSC
holds the key and so it only gives content to the code which sealed it.
⢠If an OS can keep a secret, it can provide a similar service to applications
|
▷ |
German
Russian
Spanish
Italian
Polish
Chinese
Japanese
Korean
French
Portuguese