Download Secure coprocessors - University of Pittsburgh

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
Document related concepts

Airborne Networking wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Zero-configuration networking wikipedia , lookup

Wireless security wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

Distributed operating system wikipedia , lookup

Piggybacking (Internet access) wikipedia , lookup

Computer security wikipedia , lookup

Distributed firewall wikipedia , lookup

IEEE 802.1aq wikipedia , lookup

CAN bus wikipedia , lookup

Kademlia wikipedia , lookup

Transcript 
Using Secure Coprocessors
to Protect Access to
Enterprise Networks
Dr. José Carlos Brustoloni
Dept. Computer Science
University of Pittsburgh
[email protected]
Joint work with Haidong Xia and Jayashree Kanchana
Motivation
♦
Attackers can easily bypass firewalls and
VPNs:




laptop computers infected on a trip
telecommuting from home computers shared with
children or cybercafés
rogue modems
rogue wireless access points
May 3, 2005
Jose' Brustoloni
2
Previous proposed solutions
♦
♦
♦
♦
Verify node’s configuration before accepting node in
network
Node sends list with node’s software configuration and
versions to a network server
Server may accept node’s configuration or confine
node to restricted network that allows only updating
node’s software
Expected to become common in a few years



Cisco’s Network Admission Control (NAC)
Microsoft’s Network Access Protection (NAP)
Many other similar initiatives
May 3, 2005
Jose' Brustoloni
3
Continuing vulnerability
♦
♦
Malicious node can spoof list with node’s
software configuration and versions
How can network server be sure of
node’s configuration?
May 3, 2005
Jose' Brustoloni
4
Secure coprocessors
Trusted Computing Group (TCG) has
standardized secure coprocessors (TPM) for
just this type of problem
♦ Low cost ($4)
♦ Present in increasing number of computers
from IBM, HP, and others
♦
May 3, 2005
Jose' Brustoloni
5
Our contributions
1.
How to integrate secure coprocessors with network protocols?
Straightforward answer is vulnerable to man-in-the-middle (MITM)
attacks
→ Bound Keyed Attestation (BKA)
♦
2.
How to integrate secure coprocessors with operating system?
Straightforward answer is vulnerable to buggy components other
than the kernel
→ TCB prelogging
♦ Straightforward answer is also vulnerable to tampering by root
→ Security association root tripping
♦
3.
How to keep node under its owner’s control?
Danger of software lock-in
→ Sealing-free attestation confinement
♦
May 3, 2005
Jose' Brustoloni
6
Authenticated boot
Core Root
of Trust for
Measurement
=
BIOS
boot
block
Measurement
Agents
TPM
e.g., daemons and configuration files
May 3, 2005
Jose' Brustoloni
7
Attestation
♦
♦
♦
♦
♦
♦
Challenger sends nonce to node
Node’s operating system asks node’s secure
coprocessor to sign quote (software digests currently
stored in coprocessor)
Signature uses private key generated within
coprocessor
Some authority previously verified that compliant
secure coprocessor bound to node and signed
certificate with coprocessor’s public key
Node’s operating system sends software log, quote,
and certificate to challenger
Challenger verifies certificate, quote, and log
May 3, 2005
Jose' Brustoloni
8
MITM attack against attestation
conformant
host
nonce
MITM
quote
authentication
server
tunnel (e.g. TLS)
May 3, 2005
Jose' Brustoloni
9
Our solution: Bound Keyed Attestation
Combine attestation with Diffie-Helman to
generate shared secret
♦ Bind secret with tunnel’s keys
♦
→ Attestation and tunnel endpoints are the same
May 3, 2005
Jose' Brustoloni
10
BKA protocol
May 3, 2005
Jose' Brustoloni
11
TCB prelogging
♦
Trusted Computing Base (TCB):


anything that could compromise node’s security
includes kernel, configuration files, daemons, root setuid
applications
How can we be sure that TCB is measured?
♦ Our solution: use TCB list (itself part of TCB)
♦ Kernel:
♦



Prelogs items in TCB list into secure coprocessor at boot time
Measures these items, as well as any daemons and root setuid
applications, at open or exec time
In case of discrepancy, logs it into secure coprocessor and
breaks any security associations that depend on the TCB list
May 3, 2005
Jose' Brustoloni
12
Security association root tripping
♦
Root can change configuration after boot time

♦
e.g., sysctl, ifconfig
Our solution: If user insists in logging in as
root:
1.
2.
May 3, 2005
Drop any security associations that depend on TCB
list
 e.g., destroy keys necessary for network access
Log event into secure coprocessor
 node will need to reboot before regaining access
Jose' Brustoloni
13
Sealing-free attestation confinement
♦
♦
Secure coprocessor also enables sealing data such that
data retrieval is possible only when platform has the
same configuration
Danger of software lock-in: software seals to itself
node owner’s data


♦
can’t use competing applications
may lose data if software provider disappears
Our solution:


Operating system supports attestation but not sealing
Integrate attestation only with intranet access control
protocols, which typically cannot cross firewalls
May 3, 2005
Jose' Brustoloni
14
Experimental results
♦
♦
♦
♦
Implemented all mechanisms on FreeBSD 4.8 running on IBM
ThinkPad T30 with 1.8 GHz Pentium 4 and TPM 1.1b secure
coprocessor
BKA integrated with PEAPv2 / 802.1x on Open1x and
FreeRADIUS
FreeRADIUS ran on Dell computer with 2.4 GHz Pentium 4
without secure coprocessor
TCB prelogging, security association root tripping, and sealingfree attestation confinement have negligible impact on FreeBSD
4.8 boot latency or run-time performance
May 3, 2005
Jose' Brustoloni
15
Authentication and authorization
latency and projected throughput
Latency (ms)
Projected
throughput
(supplicants/min)
PEAPv2
PEAPv2 + LOG
PEAPv2 + BKA
67
88
2822
2650
2510
519
• LOG is a NAC-like protocol, vulnerable to spoofing
• BKA latency dominated by secure coprocessor’s quote time (2.5 s)
• Throughput with BKA can be easily increased by using multiple
authentication servers
May 3, 2005
Jose' Brustoloni
16
Related work
♦
♦
♦
♦
♦
NAP, NAC, TNC
Bear
TcgLinux
Microsoft’s NGSCB / Intel’s LT
Terra
May 3, 2005
Jose' Brustoloni
17
Conclusions
Firewalls and VPNs are not enough
♦ Several commercial proposals to authenticate nodes’
configuration are vulnerable to spoofing
♦ Secure coprocessors can block spoofing, but have
challenges of their own
♦ We introduced several new solutions to these
challenges:
♦




Bound Keyed Attestation
TCB prelogging
Security association root tripping
Sealing-free attestation confinement
Experiments show that our techniques have
acceptable overhead Jose' Brustoloni
May 3, 2005
♦
18
Related documents
Title Place here - University of Pittsburgh
Title Place here - University of Pittsburgh
Problem 3.4 For the circuit in Fig. P3.4: (a) Apply nodal analysis to
Problem 3.4 For the circuit in Fig. P3.4: (a) Apply nodal analysis to
[Part 2]
[Part 2]
Circulatory System: Blood system transporting materials in the body
Circulatory System: Blood system transporting materials in the body
4.2 KeyTerms
4.2 KeyTerms
Control of the Heart Rate (students)
Control of the Heart Rate (students)
Here we would like to find the three indicated node... method. So I’ll begin at node 1.
Here we would like to find the three indicated node... method. So I’ll begin at node 1.
Chapter 10.2 Part 2
Chapter 10.2 Part 2
to be levied on AMS
to be levied on AMS
Energy Aware Networks
Energy Aware Networks
Newass4
Newass4
Chapter 1
Chapter 1