Extending Secure Execution Environments beyond the TPM

This project discusses some of the shortcomings and limitations of secure execution with the current state of the Trusted Computing Group (TCG) specifications. Though we feel that the various industry initiatives taken by the TCG and CPU manufacturers for hardware based platform security are a step in the right direction, the problem of secure isolated code execution and TCB minimization still remains unsolved. This project proposes and implements an alternative architecture for secure code execution. Rather than proposing recommendations for hardware changes or building isolated execution environments inside a Trusted Platform Module (TPM), we use a platform that provides related, yet different services for secure / trusted code execution; couple its functionality and bind it to a TPM using cryptographic primitives. For the purpose of this study we used multi-application programmable SmartCards but similar work can also be implemented on other platforms as long as they meet some pre-requisites described in his report.

Though newer hardware platforms such as IntelTXT (Trusted Execution Technology; formerly known as LaGrande) or AMD-V add support for native virtualization and secure interfacing with the TPM, the solution implemented in this project assumes a highly un-trusted environment and works on general purpose commodity hardware. Implementing a solution like this allows application developers to focus exclusively on the functionality and security of just their own code. Hence enabling them to execute their applications in isolation from numerous shortcomings and vulnerabilities that exist both in the form of hardware and software attacks. Furthermore we provide an interface to extend the existing functionality of the TPM by implementing special purpose code modules inside a smart card which can be used for all the functionalities missing in the TPM (for example replace-able cryptographic algorithms) yet required by high assurance and security sensitive applications. Furthermore by making small application closures running inside the secure execution environment of smart cards, we can minimize the TCB that a user needs to trust.

We first discuss the challenges we face in the coupling process and the platform differences between the TPM and a Smart Card. We also discuss what solutions are possible and impossible in this scenario. Then we describe our implementation of a secure TPM / Smart Card cryptographic binding that gives us assurances of strong authentication with confidentiality and integrity services for the applications built with the coupled architecture. We move forward to describe our implementations of some of the enhanced TPM / Smart Card coupled services that were not possible with either a TPM or Smart Card alone and we discuss how these enhanced services add value to the current applications. With these enhanced TPM services we implement some applications that change the way conventional TPM or Smart Card applications are perceived. Finally we shed some light on potential future applications and future work.