52 Things: Number 48: What is the purpose and use of a TPM?
This is the latest in a series of blog posts to address the list of '52 Things Every PhD Student Should Know To Do Cryptography': a set of questions compiled to give PhD candidates a sense of what they should know by the end of their first year.
Before examining the point of this question (namely what the purpose and use of a TPM is) it's worth trying to understand the problem a TPM is designed to overcome. The problem is really one of trust. Trusting what? Well, primarily the memory and software running on a computer. Both are under the control of the operating system, so secret information (such as cryptographic keys) is available to any attacker who gains access to the machine at the operating system level. If keys are held in the clear in memory and used directly by software, it can be fairly trivial for such an attacker to read the memory locations where the keys are stored and compromise whatever those keys protect.
One way around this problem is to make sure that keys are never stored in the clear in the computer's memory, where software can read them. But the keys are needed by the secure applications, so at some point they must be presented in a form the software can use; how can both be true at once? One answer is to protect the keys held in memory by wrapping them with a further key that the software never has access to. Put that wrapping key into a separate piece of hardware, burned in at manufacture or generated on the chip and never exported, which can perform a fixed set of cryptographic operations with it. Software can then ask this hardware to do things with the key it holds, such as wrapping other keys so that they can be stored safely in memory or on disk and unwrapping them again when they are needed, without ever seeing the hardware key itself.
This is essentially what a TPM does. A TPM holds a key pair called the Storage Root Key (SRK); in TPM 1.2 this is a 2048-bit RSA key pair, and TPM 2.0 also allows ECC. The private half never leaves the chip: it is generated inside the TPM and there is no command that reads it out. Other keys (the ones software actually uses) are wrapped, that is encrypted, under the public half of the SRK, a process often called "binding". The wrapped blob can then sit in ordinary memory or on disk, because only the TPM, holding the private half, can unwrap it, and it will only do so for a caller who presents the right authorisation. Beyond simply wrapping keys, a TPM can also tie a wrapped key to platform measurements: the Platform Configuration Registers (PCRs), which firmware, bootloader and operating system extend with a hash of each component as it is loaded. A key wrapped this way can only be unwrapped when the selected PCRs hold the same values they had when the key was created, so a modified bootloader or kernel leaves the key inaccessible. This process is known as "sealing". TPMs can also generate keys internally (so that the private part never exists outside the chip) and perform other cryptographic tasks, one of which is known as remote attestation: the TPM signs the current PCR values together with a nonce supplied by the verifier, using an attestation key, so that a third party can check both that the measured software stack is the one it expects and that the report is fresh rather than replayed.
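As an added illustration, not part of the original post, the following Python model reproduces in software the three mechanisms described above: PCRs that can only be extended, a key sealed to a set of PCRs that the TPM refuses to unseal once a measured component changes, plain binding with no platform condition, and a quote that a verifier checks against its own nonce and the digest it expects from a known-good boot. It is a teaching stand-in, not a TPM interface: the SRK and the attestation key are random 32-byte secrets rather than RSA keys, wrapping is an HMAC-derived keystream plus a MAC rather than RSA wrapping, and the quote is an HMAC rather than a signature, so the verifier here needs the same secret (with a real attestation key it would hold only the public half). The boot measurements, PCR indices and the `ToyTPM` method names are all constructed for the demo.

```python
import hashlib
import hmac
import os

HASH = hashlib.sha256
PCR_COUNT = 8  # real TPMs expose 24 per bank; a few suffice for the model


def golden_digest(event_log, indices):
    """Verifier side: replay known-good measurements and hash the selected PCRs."""
    pcrs = [bytes(32)] * PCR_COUNT
    for index, measurement in event_log:
        pcrs[index] = HASH(pcrs[index] + HASH(measurement).digest()).digest()
    return HASH(b"".join(pcrs[i] for i in indices)).digest()


class ToyTPM:  # software stand-in for the chip: the two secrets never leave the object
    def __init__(self):
        self._srk = os.urandom(32)  # stand-in for the Storage Root Key
        self._aik = os.urandom(32)  # stand-in for the attestation signing key
        self.reset()

    def reset(self):
        self._pcrs = [bytes(32)] * PCR_COUNT  # PCRs are zero after a platform reset

    def extend(self, index, measurement):
        """PCRs cannot be written, only extended: PCR[i] = H(PCR[i] || H(m))."""
        self._pcrs[index] = HASH(self._pcrs[index] + HASH(measurement).digest()).digest()

    def pcr_digest(self, indices):
        return HASH(b"".join(self._pcrs[i] for i in indices)).digest()

    def _keystream_xor(self, label, policy, nonce, data):
        # Toy wrapping: HMAC-derived keystream standing in for RSA wrapping under the SRK.
        kek = hmac.new(self._srk, label + policy, "sha256").digest()
        out = bytearray()
        for off in range(0, len(data), 32):
            block = hmac.new(kek, nonce + off.to_bytes(4, "big"), "sha256").digest()
            out += bytes(a ^ b for a, b in zip(data[off:off + 32], block))
        return bytes(out)

    def _wrap(self, secret, label, policy):
        nonce = os.urandom(16)
        ct = self._keystream_xor(label, policy, nonce, secret)
        tag = hmac.new(self._srk, label + policy + nonce + ct, "sha256").digest()
        return {"label": label, "policy": policy, "nonce": nonce, "ct": ct, "tag": tag}

    def bind(self, secret):
        return self._wrap(secret, b"bind", b"")  # wrap with no platform condition

    def seal(self, secret, indices):
        # Record which PCRs, and which values, must hold when the blob is unsealed.
        return self._wrap(secret, b"seal", bytes(indices) + self.pcr_digest(indices))

    def unwrap(self, blob):
        label, policy, nonce, ct = blob["label"], blob["policy"], blob["nonce"], blob["ct"]
        tag = hmac.new(self._srk, label + policy + nonce + ct, "sha256").digest()
        if not hmac.compare_digest(tag, blob["tag"]):
            raise ValueError("blob was altered or was not wrapped by this TPM")
        if label == b"seal":
            indices, expected = list(policy[:-32]), policy[-32:]
            if not hmac.compare_digest(self.pcr_digest(indices), expected):
                raise PermissionError("platform measurements differ from those at seal time")
        return self._keystream_xor(label, policy, nonce, ct)

    def quote(self, indices, nonce):
        """Attest: MAC (in place of a signature) over the PCR digest and the verifier's nonce."""
        digest = self.pcr_digest(indices)
        sig = hmac.new(self._aik, bytes(indices) + digest + nonce, "sha256").digest()
        return {"indices": list(indices), "digest": digest, "nonce": nonce, "sig": sig}

    def attestation_key(self):
        return self._aik  # a real verifier would hold only the AIK public key


def verify_quote(q, aik, nonce, golden):
    """Verifier checks: our nonce (freshness), a valid MAC, and the expected digest."""
    mac = hmac.new(aik, bytes(q["indices"]) + q["digest"] + q["nonce"], "sha256").digest()
    return (hmac.compare_digest(q["nonce"], nonce) and hmac.compare_digest(mac, q["sig"])
            and hmac.compare_digest(q["digest"], golden))


def demo():
    good_boot = [(0, b"firmware 1.2"), (4, b"bootloader"), (7, b"kernel 6.1")]  # constructed log
    pcrs = [0, 4, 7]
    tpm = ToyTPM()
    for index, m in good_boot:
        tpm.extend(index, m)
    disk_key = os.urandom(32)
    sealed = tpm.seal(disk_key, pcrs)  # safe to keep on disk: only this TPM, in this state, opens it
    unsealed_ok = tpm.unwrap(sealed) == disk_key
    nonce = os.urandom(16)  # the verifier picks the nonce, so a replayed quote fails
    quote_ok = verify_quote(tpm.quote(pcrs, nonce), tpm.attestation_key(), nonce,
                            golden_digest(good_boot, pcrs))
    tpm.reset()  # next boot of the same machine, but with a replaced kernel: PCR 7 differs
    for index, m in good_boot[:2] + [(7, b"kernel 6.1 (tampered)")]:
        tpm.extend(index, m)
    try:
        tpm.unwrap(sealed)
        tamper_refused = False
    except PermissionError:
        tamper_refused = True
    return {"unsealed_ok": unsealed_ok, "quote_ok": quote_ok, "tamper_refused": tamper_refused}
```

`demo()` returns all three results as true: the sealed key round-trips while the measurements match, the quote verifies against the golden digest, and the same blob is refused after a different kernel has been measured into PCR 7. On a real machine the same steps are driven through the TPM's command interface, for instance with tpm2-tools (tpm2_pcrread, tpm2_create with a PCR policy, tpm2_unseal, tpm2_quote); what the verifier has to check is the same as in `verify_quote`: that the nonce is the one it sent, that the signature is by a key it trusts, and that the digest matches values it computed independently.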
The real point to understand here is that by pushing the root secret down to the hardware level, into a separate chip with its own firmware and circuits that cannot be altered by the host software, the safety of that secret no longer depends on the correctness of the operating system or the applications. A vulnerability in them may let an attacker use the keys while the platform is running, but not extract them, and with sealing not even use them once the measured software has changed. The TPM is therefore more trustworthy than the software it serves; that is a narrower claim than the system as a whole being immune to software bugs, and it still assumes the chip's own (much smaller) firmware is sound.
So what is the purpose of a TPM? To overcome the problem of having to trust (or rather being unable to trust) software to be completely reliable.
What is the use of a TPM? We mentioned a number of them. First of all was binding, which essentially wraps a key under the public half of the SRK so that only the TPM can unwrap it. The second was sealing, which also ties the wrapped key to particular platform measurements (PCR values). And thirdly we looked at remote attestation, a signed report of those measurements for a third party, and noted that TPMs can also be used for other cryptographic functions such as key generation.