Palladium

Visit: www.geocities.com/chinna_chetan05/forfriends.html

PALLADIUM (NGSCB)

1

Email: [email protected]

Visit: www.geocities.com/chinna_chetan05/forfriends.html

Content: •

Abstract

•

Introduction

Architecture and Technical Details Secure Storage and Attestation Curtained Memory •

Working of palladium

•

Protection using palladium

Uses of palladium Digital Rights Management Network Security Multiplayer Games

•

2

Case study

Email: [email protected]

Visit: www.geocities.com/chinna_chetan05/forfriends.html

o

Re-structing data security of jntu examination system 

Existing system

Palladium-as a solution  Advantages •

Conclusion

Today the illicit activities of the hackers are growing by leaps and bounds, viz.,

Abstract: “SECURITY”

in

this

contemporary

scenarios has become a more sensible issue either it may be in the “REAL WORLD” or in the “CYBER WORLD”. In the real world as opposed to the cyber world an attack is often preceded by information gathering. Movie gangsters “case the joint”; soldiers “scout the area”. This is also true in the cyber world. Here the “bad guys” are referred to as intruders,

eavesdroppers,

hackers,

hijackers, etc. The intruders would first have a panoramic view of the victim’s network and then start digging the holes.

3

Email: [email protected]

“THE RECENT ATTACK ON THE DNS SERVERS HAS CAUSED A LOT OF HULLABALOO

ALL OVER THE

WORLD”.

However, fortunately, the

antagonists

reacted

promptly

and

resurrected the Internet world from the brink of prostration. Newton’s law says “Every action has got an equal but opposite reaction”.

So is the case with this.

Nevertheless the security breaches and eavesdroppers, the technological prowess has been stupendously developed to defy against each of the assaults. Our paper covers

the

ADVANCED

technical

Visit: www.geocities.com/chinna_chetan05/forfriends.html combats that have been devised all through the way, thus giving birth to the notion of “NETWORK -SECURITY”. Various

antidotes

that

are

in

fact

inextricable with security issues are – Cryptography, Authentication, Integrity and Non Repudiation, Key Distribution and certification, Access control by implementing Firewalls etc. To satiate the flaws in the network security

more

and

more

advanced

security notions are being devised day by day. Our paper covers a wide perspective of such arenas where the contemporary cyber world is revolving around viz., THE

DMZ

ZONE,

CRYPTOGRAPHY, KERBEROS

PALLADIUM IP

Sec

&

AUTHENTICATION

SYSTEM.

Introduction In June 2002, Microsoft released information regarding its new "Palladium" initiative. Palladium is a system that combines software and hardware controls to create a "trusted" computing platform. In doing so, it would establish an unprecedented level of control over users and their computers. Palladium could place Microsoft as the gatekeeper of identification and authentication. Additionally, systems embedded in both software and hardware would control access to content, thereby creating ubiquitous Digital Rights Management schemes that can track users and control use of media. Microsoft expects to have elements of the system in place by 2004. Professor Ross Anderson has written an extensive FAQ on the Palladium system. Seth Schoen of EFF has published a detailed summary of a meeting about Palladium. Known Elements of the Palladium System •

•

4

Email: [email protected]

The system purports to stop viruses by preventing the running of malicious programs. The system will store personal data within an encrypted folder.

Visit: www.geocities.com/chinna_chetan05/forfriends.html •

• •

•

The system will depend on hardware that has either a digital signature or a tracking number. The system will filter spam. The system has a personal information sharing agent called "My Man." The system will incorporate Digital Rights Management technologies for media files of all types (music, documents, e-mail communications). Additionally, the system purports to transmit data within the computer via encrypted paths.

Many questions remain regarding the Palladium system. For instance, is the system even necessary? Many of the known elements are already offered by third parties or could be accomplished through simple means that do not require identification and authentication. For instance, simply avoiding the use of Microsoft's Outlook e-mail software, which in some cases automatically executes attachments, can prevent the running of malicious code and the spread of viruses. Products already exist that can store personal information on encrypted partitions of the user's hard drive. Spam avoidance is served by a number of tools, such as whitelists, blacklists, and filtering, without any requirement of identification or authentication. "Trusted" Computing Means Controlled Computing

5

Email: [email protected]

Architecture and Technical Details

Architecture of NGSCB A complete Microsoft-based Trusted Computing-enabled system will consist not only of software components developed by Microsoft but also of hardware components developed by the Trusted Computing Group. The majority of features introduced by NGSCB are heavily reliant on specialised hardware and so will not operate on contemporary PCs. In current Trusted Computing specifications, there are two hardware components; the Trusted Platform Module (TPM), which will provide secure storage of cryptographic keys and a secure cryptographic co-processor, and a curtained memory feature in the Central Processing Unit (CPU). In NGSCB, there are two software components, the Nexus, a security kernel that is part of the Operating System, and Nexus Computing

Visit: www.geocities.com/chinna_chetan05/forfriends.html Agents (NCAs), trusted modules within NGSCB-enabled applications.

Secure Storage and Attestation At the time of manufacture, a cryptographic key is generated and stored within the TPM. This key is never transmitted to any other component, and the TPM is designed in such a way that it is extremely difficult to retrieve the stored key by reverse engineering or any other method, even to the owner. Applications can pass data encrypted with this key to be decrypted by the TPM, but the TPM will only do so under certain strict conditions. Specifically, decrypted data will only ever be passed to authenticated, trusted applications, and will only ever be stored in curtained memory, making it inaccessible to other applications and the Operating System. Although the TPM can only store a single cryptographic key securely, secure storage of arbitrary data is by extension possible by encrypting the data such that it may only be decrypted using the securely stored key. The TPM is also able to produce a cryptographic signature based on its hidden key. This signature may be verified by the user or by any third party, and so can therefore be used to provide remote attestation that the computer is in a secure state.

Curtained Memory NGSCB also relies on a curtained memory feature provided by the CPU. Data within curtained memory can only be accessed by the application to which it belongs, and not by any other application or the Operating System. The attestation features of the TPM can be used to confirm to a trusted application that it is genuinely running in curtained memory; it is therefore very difficult for anyone, including the owner, to trick a trusted application into running outside of curtained memory. This in turn makes reverse engineering of a trusted application extremely difficult.

Applications NGSCB-enabled applications are to be split into two distinct parts, the NCA, a trusted module with access to a limited Application Programming Interface (API), and an untrusted portion, which has access to the full Windows API. Any code which deals with NGSCB functions must be located within the NCA. The reason for this split is that the Windows API has developed over many years and is as a result extremely complex and difficult to audit for security bugs. To maximise security, trusted code is required to use a smaller, carefully audited API. Where security is not paramount, the full API is available.

Working of palladium:

6

Email: [email protected]

Visit: www.geocities.com/chinna_chetan05/forfriends.html

attack were to get at them, these core Palladium is a new hardware and

software

architecture.

This

architecture will include a new security

system secrets would only be applicable to the data within a single computer and could not be used on other computes.

computing chip and design changes to a computer’s

central

processing

unit

(CPU), chipsets, and peripheral devices,

Protection using palladium:

such as keyboards and printers. It also will enable applications and components of these applications to run in a protected memory space that is highly resistant to tempering and interference. The pc-specific secret coding within palladium makes stolen files useless on other machines as they are physically and cryptographically locked within the hardware of the machine. This means software attacks can’t expose these secrets. Even if a sophisticated hardware Email: [email protected]

7

Palladium prevents identity theft and unauthorized access to personal data on the user’s device while on the internet and on other networks. Transactions and processes are verifiable and reliable through the attestable hardware and software architecture and they cannot be imitated. With palladium, a system’s secrets are locked in the computer and are only revealed on terms that the user has

Visit: www.geocities.com/chinna_chetan05/forfriends.html specified. In addition, the trusted user

of code. Anyone can certify ‘palladium”

interface

and

hardware or software, and it is expected

impersonation. The user controls what is

that many companies and organizations

revealed and can separate categories of

will offer this service. Allowing multiple

data on a single computer into distinct

parties to independently evaluate and

realms. Like a set of vaults, realms

certify “ palladium” capable systems

provide the assurance of separability.

means that users will be able to obtain

With distinct identifiers, policies and

verification

categories of data for each, realms allow

from organizations that they trust. In

a user to have a locked-down work

addition, this will form the basis for a

environment and fully open surfing

strong business incentive to preserve and

environment at the same time, on the

enhance privacy and security. Moreover,

same computer.

palladium allows any number of trusted

prevents

snooping

of the system’s operation

internal or external entities to interact Finally, the “ palladium” architecture will enable a new class of identity

service

providers

that

platform.

can

potentially offer users choices for how their identities are represented in online transactions. These service providers can also ensure that the user is in control of policies for how personal information is revealed to others. In addition, palladium will allow users to employ identity service providers of their own choice. From the perspective of privacy ( and anti-virus protection), one of the key benefits of palladium is the ability for users to effectibely delegate certification Email: [email protected]

8

with a trusted component or trusted

Uses: NGSCB is currently set to be a framework for building Trusted Computing applications. It therefore has a wide range of potential uses, but does not inherently provide any features from the point of view of the user.

Digital Rights Management By utilising the attestation, curtained memory and cryptographic features of the TPM, a secure form of Digital Rights Management (DRM) may be developed; critics charge that although it does not

Visit: www.geocities.com/chinna_chetan05/forfriends.html provide DRM features itself, DRM is nevertheless the primary motivation for the development of NGSCB.

diminishes the enjoyment of those games by legitimate players. Common methods of cheating include:

DRM would be implemented by encrypting DRM-protected files and only making the decryption key available to trusted applications. A wide range of copy-protection and similar features could thereby be implemented, limited only by the imagination. For example, it would be possible to create a file that can only be read on one computer, or within one organisation, or a file that can only be opened for reading three times. While any DRM-protected file could be just as easily copied or read as an unprotected file, it would be impossible to decrypt the file at an unauthorised destination, rendering it useless.

Network Security In corporate and educational networking environments, a desirable feature of NGSCB is the ability of each workstation to securely attest that no unauthorised modifications have been made either to its hardware or software. A workstation that is unable to authenticate itself can then be automatically denied access to some or all network services pending investigation.

Multiplayer Games The attestation and curtained memory features of NGSCB could also potentially be used to prevent most kinds of cheating in multiplayer games. Cheating by various means is currently prevalent in a number of multiplayer games and

9

Email: [email protected]

•

Modification of the game executable or video drivers, e.g. to allow the player to see through walls. This type of cheat can be prevented by using remote attestation to confirm that neither the game executable nor the video driver has been modified.

•

Modification of game network traffic in transit between the client and server, e.g. to augment a player's ability to aim their weapon in a first-person shooter game. This type of cheat can be prevented by encryption of network traffic within curtained memory prior to transmission, and corresponding decryption on the server.

Case study: RESTRUCTURING DATA SECURITY OF JNTU EXAMINATION SYSTEM USING PALLADIUM Existing system: In order to eliminate the leakage of question papers, the Jawaharlal Nehru

Visit: www.geocities.com/chinna_chetan05/forfriends.html technological

⇒

⇒

⇒

university

(J.N.T.U),

Hyderabad, has recently decided to

secure it has certain loopholes like:

implement the system of Electronic

1. As the encrypted question papers are

Distribution

Papers

also available on the Internet there is

(EDEP) – a new method of conducting

every chance of crackers downloading

the examinations.

and trying to decrypt them.

of

Examination

In this system, 4 sets of question papers

2. This method of 4 sets of question

are generated and encrypted into a

papers has been resented by the student

“college-specific” C.D.

and teacher community alike.

The encrypted CD is supplied to the

3. There is every chance of failure or mis-

examination centers about 3 days in

match of the college specific C.D., due to

advance.

the large number of affiliate colleges (as

The question papers in encrypted form

is been observed in some cases).

are also made available on the JNTU

4. Also, in one case, a previous

examination website.

examination

Password to read the CDs is supplied

C.D.

was

mistakenly

decrypted, and the question papers thus

one hour before the commencement of

printed,

examination

principal/chief

examination center.

internet,

Palladium-as a solution (as shown in

superintendent

to

the

through

cell

phone, telephone or Fax. ⇒

Though this system is largely stable and

The principal soon after receipt of

distributed

initially

at

an

figure 2) Palladium

is based on the

password decrypts the original question

concept of trusted space. A closed

papers of that day using the software

sphere of trust binds data or a service,

supplied by JNTU examination branch.

to both a set of users and to a set of

The EDEP employs the method of public

acceptable applications. Due to this an

key cryptography.

unauthorized user cannot access the

1 0

Email: [email protected]

Visit: www.geocities.com/chinna_chetan05/forfriends.html by the “nexus” of the JNTU’s palladium based server. 2. If an unauthorized system (without palladium) forwards a request it is immediately rejected

by

the

server’s

trusted agent. Even if an unauthorized palladium PC tries to access the server its request is rejected. 3. The PC-specific secret coding data or software which is based on a

within palladium makes stolen

server.

files useless on other machines In the revised system the

as they are physically and

encrypted question papers are put up

cryptographically

on the J.N.T.U’s palladium based

within the hardware of the

server and all the affiliate colleges use

server or trusted computer.

college-specific palladium computers. It works as follows: (government

or

programmed)

is

is

private employed

responsible

for

the

college issues a request to the common trusted agent (of JNTU internet.

and This

college) request

via is

granting of access to JNTU

granted and each-particular

examination

question paper pertaining to

server.

It

processes the requests and forwards only those certified

1 1

examinations

palladium computer of the

1. A third party trusted agent

who

4. During

locked

Email: [email protected]

Visit: www.geocities.com/chinna_chetan05/forfriends.html that day is accessed by the

Nevertheless the cumbersome combats

college.

devised against each of the security fissures, yet the cyber MAVERICKS all around the world are succeeding in their ways of perdition. This was quite evident from the E-attacks on BARC server & post-September11th cyber attacks on FBI

ADVANTAGES:  As the process of question paper

sites where even sophisticated

down load is highly secure, the

surveillance systems couldn’t come to

chances of leakage are literally nil.

their rescue. A case in point is that, E-

 Since

this

method

is

highly

ATTACKS are becoming notoriously

trustworthy a single set question

peerless as compared with the traditional

paper system can be employed.

nuke-wars. Consequently, in the quench

 An advanced system of Internet

of thirst for more and more secured

communication can be adopted for a

systems BIOMETRIC SYSTEMS,

broader reach, thus eliminating the

QUANTUM-CRYPTOGRAPHY and

role of C.D.

many more are innovatively being

 Since the download of question

implemented at a cumulative pace. If

papers is “request-specific and time

we are not exaggerating, let’s be

bound” there can not be a case of

optimistic of a 100% foolproof, secured

question paper mis-match.

global village in the near future. Doesn’t

Conclusion: The capability of security enabled components still lags behind the claims. Basic security challenges in the corporate realm are not yet completely addressed.

1 2

Email: [email protected]

Forget Newton’s law say “Every Every action has got an equal but opposite reaction”?

Visit: www.geocities.com/chinna_chetan05/forfriends.html REFERENCES:

♦ ♦ ♦

Digit magazine,

Topics- 1 & 2.

Microsoft Press Pass, Topics- 3 & 4.

J.N.T.U website

Case

Study.

1 3

Email: [email protected]