Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


07:30 PM

A Tipping Point For The Trusted Platform Module?

To achieve widespread adoption, TPM must overcome challenges to encryption key management.

While a Trusted Platform Module chip could be applied to DRM, it's far from the most common use-case of the technology today. More important in the TPM ecosystem are the other possibilities it affords. The Trusted Computing Group encompasses a variety of platforms, including working groups dedicated to Authentication, Mobile, Software Stack, Storage, Trusted Network Connect, and Virtualized Platform.

The most widespread use of TPM today is Microsoft's BitLocker drive encryption technology. BitLocker can operate with or without the TPM hardware, though the recommended and most secure method of operation requires a 1.2 TPM chip, and it's able to offer significantly more security than non-TPM modes of operation. That's because the keys are secured in the hardware rather than in software, making them harder to tamper with or steal.

Also teaming up with TPM for data encryption are hard drives capable of handling data encryption and decryption internally, such as Seagate Momentus FDE.2 drives. This is one of the few full-disk encryption architectures that would not be vulnerable to the recently publicized "cold-boot" attacks that are able to extract the contents of a computer's memory after it's been powered off and seek out encryption keys.

While disk encryption is a popular use for the TPM chip, it may be the user and machine identification features that steal the show in the long run. With support for multifactor authentication features such as an additional PIN or biometric authentication, TPM can serve as the one-stop shop not only for authenticating a user to a machine, but also as an authentication mechanism for Web applications and business applications that would benefit from strong cryptographic authentication.

The Web is one reason the Trusted Computing Group repurposed itself from the original goals of Trusted Computing Platform Alliance back in 2003. Instead of creating a platform for trusted PC computing, it wanted to be able to integrate the same techniques across a wide variety of uses and platforms.

Of course, integrating TPM into the authentication process for a Web application negates one of the values of Web apps in the first place--they're accessible from any Internet-enabled PC.

This problem may be solved by cell phones, which could act as a soft token to authenticate users. For example, if a user wants to access an online banking application from a strange machine, the bank can send a one-time password to the user's phone. The user would enter this password into the banking app. Meanwhile, the entire process is secured against tampering by TPM's hardware-enabled trusted connection from the server to the PC being used.

Trustworthy computing was supposed to usher in a new era of secure computing, but it got off to a rocky start. Despite that, the latest iteration of hardware-enabled trust promises secure identification, authentication, and encryption, with even more possibilities for the future.

The Trusted Computing Group (successor to the Trusted Computing Platform Alliance) developed and maintains the TPM Specification and is made up of a variety of both software and hardware companies. The current list of core companies includes AMD, HP, IBM, Infineon, Intel, Lenovo, Microsoft, and Sun, though well over 100 other vendors are involved.

TCG has done the right thing, starting ahead of consumer demand and developing an open solution to a problem most customers didn't know they had. A TPM chip enhances a variety of existing security functions with a secure root of trust. The downside is key management complexities, which limit the number of organizations taking advantage of the technology.
Imagine a software-as-a-service vendor able to leverage a secure hardware token in mobile devices for user authentication. The additional layer would provide a level of security analogous to a secure hardware token with a cost approaching the more inexpensive software token. This assumes, of course, that the SaaS vendor was able to develop a manageable process for enrolling the customer's mobile devices into its encryption infrastructure.

This leads directly into the weak spot for TPM--key management. Managing the keys protected by a TPM chip is almost identical to any other encryption platform. Not only must those TPM-generated keys support the usual enterprise key management features--such as enrollment and revocation, and key recovery in case of lost PINs--but there are issues unique to TPM, such as maintaining system state when upgrading, as changes may upset the ability of the module to produce a valid key for an encrypted system.

Some standalone software tools already are available for IT to manage the Trusted Platform Module. For example, Microsoft offers some free TPM management tools. And a large number of OEMs that manufacture PCs and laptops ship Wave Systems' Embassy Trust Suite, which is capable of providing a variety of services to maintain the module itself. However, more powerful management capabilities might require an upgrade to one of Wave's enterprise-level products.

Even without an enterprise management platform, however, some organizations may be able to take advantage of the number of TPM chips deployed in their environment right now. The Trusted Computing Group Web site offers a series of white papers on using TPM with existing enterprise systems such as wireless networks, VPNs, and network access control.

While it's important to consider the extra management effort involved, it's definitely worth examining what you can use for free with the built-in tools along with the module.

Continue to the sidebar:
TPM: A Matter Of Trust

2 of 2
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Firms Improve Threat Detection but Face Increasingly Disruptive Attacks
Robert Lemos, Contributing Writer,  2/20/2020
Ransomware Damage Hit $11.5B in 2019
Dark Reading Staff 2/20/2020
Register for Dark Reading Newsletters
White Papers
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
How Enterprises Are Developing and Maintaining Secure Applications
How Enterprises Are Developing and Maintaining Secure Applications
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-02-26
Moxa ioLogik 2542-HSPA Series Controllers and IOs, and IOxpress Configuration Utility ioLogik 2500 series firmware, Version 3.0 or lower IOxpress configuration utility, Version 2.3.0 or lower. Sensitive information is stored in configuration files without encryption, which may allow an attacker to a...
PUBLISHED: 2020-02-26
NetApp FAS 8300/8700 and AFF A400 Baseboard Management Controller (BMC) firmware versions 13.x prior to 13.1P1 were shipped with a default account enabled that could allow unauthorized arbitrary command execution via local access.
PUBLISHED: 2020-02-26
OnCommand Cloud Manager versions prior to 3.8.0 are susceptible to arbitrary code execution by remote attackers.
PUBLISHED: 2020-02-26
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root on an affected device. The vulnerability is due to insufficient validation of arguments passed to a spe...
PUBLISHED: 2020-02-26
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could expl...