
Press people: please read our press release first and also refer to the disclaimer at the end of this blog post. Thank you!
Update: 1/5/2009 19:21 CEST: minor typos/spelling corrections. Thanks to Jarred for pointing out some of the typos.
A word about Trusted Computing
The term Trusted Computing and related technologies, like Palladium, Trusted Platform Module, LaGrande, have always caused lots of controversy in the IT world. Most of the fear, however, has been a result of the lack of understanding of how a particular technology really works.
Nevertheless, Trusted Computing is becoming part of our lives, whether we want it or not. These days nearly every new laptop comes with an on-board Trusted Platform Module (TPM). Microsoft's Palladium initiative has been renamed so many times in recent years that probably even people working at Microsoft are confused now. Nevertheless, some of the Palladium technologies made their way into Vista, and Microsoft BitLocker is, without doubt, the most successful, widely deployed product that is based on the idea of Trusted Computing. (In fact BitLocker is the only thing that I have really been missing since I switched from Vista to Mac some time ago.)
On the hardware side, besides the famous TPM, we have also had the LaGrande technology, which is often associated with things such as Remote Attestation, Protected Execution and other scary terms…
A word about Trusted Execution Technology
LaGrande, recently renamed Trusted Execution Technology (TXT), is Intel's response to the Trusted Computing trend. TXT is currently part of the vPro™ brand, and for about a year now users have been able to buy vPro/TXT compatible hardware in regular computer stores (the first one was the DQ35J desktop board with certain Core 2 Duo processors, which I was able to buy at the end of 2007 — note that TXT requires support from both the CPU and the chipset).
TXT is not an alternative to the TPM; in fact TXT heavily relies on the TPM to provide basic services, e.g. secure storage of the measurements made by TXT. Also, Palladium, or whatever it is called these days, is not a competitor to TXT. Intel TXT can provide building blocks for e.g. Vista BitLocker, arguably making it more secure than it is now (the current BitLocker implementation, AFAIK, relies on a so-called Static Root of Trust for Measurement, which requires a TPM, but not TXT).
What kind of measurements would TXT like to store in our TPM? Well, the whole of TXT is, in fact, all about making and storing code measurements, or, in more familiar language, secure hashes of certain code components.
The sole purpose of the Intel TXT technology is to provide a trusted way of loading and executing system software, e.g. an Operating System kernel or a Virtual Machine Monitor. What is extraordinary here is that TXT doesn't make any assumptions about the state of the system before loading the software, thus making it possible for a user to ensure a secure load of an OS or VMM, even on a potentially compromised machine.
In other words, our system can be full of boot sector viruses and BIOS rootkits, and god-knows-what-else, and still TXT should allow a clean VMM (or OS kernel) to be loaded in a secure way, immune to all those rootkits present in the system the moment just before the load process. This TXT-supported load process is called Late Launch, and is implemented via a special new CPU instruction called SENTER.
It's a good place to mention that AMD has its own version of the late launch, implemented via the SKINIT instruction. We haven't looked at the AMD technology thoroughly yet, so I will refrain from commenting on it.
The late launch is a pretty amazing thing, when you think about it. It promises to effectively provide all the benefits of a computer restart without actually restarting it.
It is hard to overemphasize the potential impact that a technology such as TXT could have on computer security. One can immediately see that it could eliminate all system-level persistent malware — in other words we could easily build systems (VMMs or even standard OSes) that would be immune to attacks that try to compromise system binaries on disk, or attack the system right from the bootloader or BIOS. Combining this with the VT-x and VT-d technologies, system developers (for the first time, at least as far as the "PC" platform is concerned) have gotten extremely powerful tools into their hands that should allow them to create really secure VMMs and OSes…
Hopefully by now, my Dear Reader, you have a feeling for what kind of a beast Intel TXT is and how desperately the world needs it...
And now, we are going to move on and show practical attacks on current TXT implementations... :)
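To make the measurement model concrete, here is an added example of mine (not code from this post, from tboot or from Intel) that simulates TPM-style PCR extension for a static chain of trust and for a late launch, and seals a secret to the resulting PCR value. It assumes TPM 1.2 semantics (20-byte SHA-1 PCRs starting from all zeros) and models the late launch as a dynamic PCR that is reset at SENTER; the component names and the secret are constructed sample data.

```python
import hashlib
import hmac

# Assumptions (not from the post): TPM 1.2-style 20-byte SHA-1 PCRs with an
# all-zero reset value; the late launch is modelled as a dynamic PCR that is
# reset when SENTER runs and then extended only with the launched code.
PCR_SIZE = 20
RESET_VALUE = bytes(PCR_SIZE)

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM extend: PCR_new = SHA-1(PCR_old || SHA-1(component)). Order matters
    and nothing can be un-extended, so the value commits to the whole chain."""
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()

def static_chain(components) -> bytes:
    """Static root of trust (the model BitLocker relies on, per the post):
    every component that ran since power-on is extended in order."""
    pcr = RESET_VALUE
    for c in components:
        pcr = extend(pcr, c)
    return pcr

def late_launch(pre_launch_components, mle: bytes):
    """Model of the TXT late launch: the static PCR keeps the whole boot
    history, but the dynamic PCR is reset at SENTER and extended only with the
    measured launch environment (MLE, e.g. the VMM), so code that ran before
    the launch cannot influence it."""
    static_pcr = static_chain(pre_launch_components)
    dynamic_pcr = extend(RESET_VALUE, mle)
    return static_pcr, dynamic_pcr

def unseal(secret: bytes, sealed_to: bytes, current_pcr: bytes):
    """Release the secret only when the current PCR equals the sealed value."""
    return secret if hmac.compare_digest(sealed_to, current_pcr) else None

# Constructed sample data standing in for real firmware/loader/VMM images.
CLEAN_BIOS, ROOTKITTED_BIOS = b"bios-1.0", b"bios-1.0+rootkit"
BOOTLOADER, GOOD_MLE, TAMPERED_MLE = b"grub", b"tboot+xen", b"tboot+xen+patch"
SECRET = b"volume-encryption-key"

def demo():
    """Returns (srtm_detects_rootkit, drtm_ignores_prior_state, tampered_mle_locked_out)."""
    clean_static, dyn_clean = late_launch([CLEAN_BIOS, BOOTLOADER], GOOD_MLE)
    infected_static, dyn_infected = late_launch([ROOTKITTED_BIOS, BOOTLOADER], GOOD_MLE)
    _, dyn_tampered = late_launch([CLEAN_BIOS, BOOTLOADER], TAMPERED_MLE)
    # A BIOS rootkit changes the static chain: a secret sealed to the clean
    # static PCR stays locked (SRTM can detect it, but only relative to a
    # known-good history).
    srtm_detects_rootkit = unseal(SECRET, clean_static, infected_static) is None
    # The same MLE gives the same dynamic PCR with or without the rootkit:
    # this is the "restart without restarting" the post describes.
    drtm_ignores_prior_state = unseal(SECRET, dyn_clean, dyn_infected) == SECRET
    # A modified MLE changes the dynamic PCR, so it cannot unseal the secret.
    tampered_mle_locked_out = unseal(SECRET, dyn_clean, dyn_tampered) is None
    return srtm_detects_rootkit, drtm_ignores_prior_state, tampered_mle_locked_out
```

The model deliberately stops at the promise: it shows why a late launch is independent of what ran before, not how the post's two-stage attack gets around it.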
Attacking Intel TXT!
Ok, not in this post today, but rather at the upcoming Black Hat conference in Washington, DC in February. Over the recent months, Rafal and I have been looking at the Intel TXT technology as part of work done for a customer, to see if it could be used to improve the security of a product, from a typical user's perspective. We figured out that it definitely could, but that there are also some issues…
And those "issues" gave us a starting point in developing a proof-of-concept (albeit very reliable) exploit that shows how we can bypass the trusted boot process implemented by Intel's tboot.
Tboot, which is also part of (scroll down to the end of the page) the Xen hypervisor, can be thought of as a reference implementation of a TXT-based system loader, that could be used to securely load either the Xen hypervisor or the Linux kernel, when run on vPro/TXT compatible hardware.
[copy-and-paste from the press release follows]
Our attack comprises two stages. The first stage requires an implementation flaw in a specific piece of system software. The second stage of the attack is possible thanks to a certain design decision made in the current TXT release.
While evaluating the capabilities of the Intel® TXT technology, as part of work done for a customer, we have identified several implementation flaws in Intel's system software, which allowed us to conduct the above-mentioned stage-one attack. We provided Intel with an extensive description of the flaws in Dec 2008, and Intel is currently working on fixing those vulnerabilities.
We have also been in touch with Intel about the possibility of conducting the second-stage attack since Nov 2008. In December, after providing Intel with the details about the first-stage attack, Intel promised to release, in the coming weeks, an updated TXT specification for developers that would explain how to design their TXT-based loaders in such a way that they are immune to our attack. Intel claims the current Intel® TXT release does contain the basic building blocks that could be used to prevent our second-stage attack, and the release of the additional specification would make it feasible in practice.
More info in Feb in DC :)
TXT useless?
Some people are skeptical about the TXT technology, and not only because of the Irrational Fear of Trusted Computing (IFTC), but rather because they point to the complexity of the whole technology. The complexity is bad, because 1) it leaves more space for potential attacks, and 2) it discourages developers (ISVs) from using the technology in their products (e.g. neither Microsoft nor VMware make use of TXT in any of their bare-metal hypervisors, even though TXT is really well suited for this kind of software).
It is true that TXT is a very complex technology (the SENTER instruction is probably the pinnacle of the CISC architecture!), but I personally like it. In my opinion this is the first technology available for the PC platform that has the potential to really change something, much more than the NX feature did a few years ago. Before people run to the comment box — if you would like to argue about the usefulness/uselessness of Trusted Computing/TXT, please base your opinions on technical facts (read the spec!) and not on your feelings!
Disclaimer (for press)
Starting Jan 2009, we (at Invisible Things Lab) decided to issue press releases in addition to this blog. The general rule is: press releases are written for journalists, while the blog is mainly written for other researchers, security enthusiasts, etc.
The wording of our press releases is carefully chosen to minimize the potential for misinterpretation. The press releases carry less information, but, we think, are better suited for a more general public that doesn't have a background in computer science, programming and security.
The blog is written in a much more casual way, without thinking for half an hour about every sentence. The articles on this blog might present some facts as extremely exciting, because e.g. for me, a person deeply involved in system-level security research, they indeed might be very exciting, which might not be the case for a general audience. I sometimes might also use shortcuts, metaphors, irony and other figures of speech that might not necessarily be obvious to a more general public.
If you are a journalist and you think you have just found something really sensational on my blog, I would suggest that you double-check with me before writing about it.
Thank you for your cooperation.
Joanna Rutkowska,
Founder and CEO,
Invisible Things Lab.