Abstract
In this chapter, we describe attempts at unifying the worlds of hardware and software in which the behaviour of software is controlled by security hardware. We look at technologies born out of the trusted computing movement, describing one of the key technology enablers: the Trusted Platform Module (TPM) specifications from the Trusted Computing Group. We review several widely deployed commercial technologies that use TPMs to build environments in which applications can be executed on an initially untrusted system. Among these technologies, we look at Intel Trusted Execution Technology (Intel TXT) and AMD’s Secure Virtual Machine (AMD SVM) and Secure Encrypted Virtualisation (AMD SEV). Lastly, we discuss several academic and industry projects that, while not commercially deployed, were still influential in the development of modern trusted execution environments.
Notes
1. For information about the precise functions exposed by SIM cards, see the TS 131 102 [1] standard by the European Telecommunications Standards Institute (ETSI), which maintains specifications as part of the 3rd Generation Partnership Project (3GPP).
2. Formerly known as the Trusted Computing Platform Alliance, from 1999 to 2003.
3. The notion of a TCB is not restricted to just TPMs; the concept applies to trusted computing platforms more generally. A generic approach to building TEEs is to build a reasonable TCB for maintaining a trusted environment in which applications can execute with additional security assurances.
4. A “monotonic” counter is one whose value can only increase but not decrease (or decrease but not increase).
5. This is firmware that executes on the TPM itself, not the host machine.
6. What is deemed “moderate” attack potential—or, indeed, “low” or “high”—is derived using a scoring system that considers an attacker’s expertise, knowledge of the target, security testing equipment, and other elements. We refer to [17] and Sect. 4.3.1 of Chap. 4 for more precise details about the definitions of each EAL.
References
1. European Telecommunications Standards Institute, ETSI TS 131 102 (version 15.8.0) (2020). https://www.etsi.org/deliver/etsi_ts/131100_131199/131102/15.08.00_60/ts_131102v150800p.pdf
2. Trusted Computing Group (TCG), Member companies (2023). https://trustedcomputinggroup.org/membership/member-companies/
3. Trusted Computing Group (TCG), TCG Glossary 1.1, Rev. 1.00 (2017)
4. Trusted Computing Group (TCG), Trusted Platform Module Library Family “2.0” Specification: Parts 1–4 and Code, Rev. 1.59 (2019). https://trustedcomputinggroup.org/wp-content/uploads/Trusted-Platform-Module-Library-Family-2.0-Level-00-Revision-1.59_pub.zip
5. International Standards Organisation, ISO/IEC 11889—Information technology—Trusted platform module library (2015)
6. Trusted Computing Group (TCG), TPM Library Specification Family “2.0”—Protection Profile PC Client Specific TPM (2021). https://trustedcomputinggroup.org/wp-content/uploads/TCG_PCClient_PP_1p3_for_Library_1p59_pub_29sept2021.pdf
7. Trusted Computing Group (TCG), TCG TSS 2.0 Overview and Common Structures Specification (2019). https://trustedcomputinggroup.org/wp-content/uploads/TSS_Overview_Common_v1_r10_pub09232021.pdf
8. Trusted Computing Group (TCG), TCG Trusted Platform Module Library Part 3: Commands (2019). https://trustedcomputinggroup.org/wp-content/uploads/TCG_TPM2_r1p59_Part3_Commands_code_pub.pdf
9. tpm2-software community, Linux TPM2 & TSS2 Software (2023). https://tpm2-software.github.io
10. P. Kleissner, Stoned bootkit, in Black Hat USA (2009), pp. 5–7
11. Trusted Computing Group (TCG), TCG PC Client Platform TPM Profile Specification for TPM 2.0 (version 1.05, revision 14) (2020). https://trustedcomputinggroup.org/wp-content/uploads/PC-Client-Specific-Platform-TPM-Profile-for-TPM-2p0-v1p05p_r14_pub.pdf
12. E. Brickell, J. Camenisch, L. Chen, Direct anonymous attestation, in Proceedings of the 11th ACM Conference on Computer and Communications Security (2004), pp. 132–145
13. E. Brickell, L. Chen, J. Li, A new direct anonymous attestation scheme from bilinear maps, in Proceedings of the 1st International Conference on Trusted Computing and Trust in Information Technologies (Springer, Berlin, 2008), pp. 166–178
14. W. Arthur, D. Challener, K. Goldman, History of the TPM, in A Practical Guide to TPM 2.0: Using the New Trusted Platform Module in the New Age of Security (2015), pp. 1–5
15. D. Gligoroski, S. Andova, S.J. Knapskog, On the importance of the key separation principle for different modes of operation, in Proceedings of the 4th Conference on Information Security Practice and Experience (Springer, Berlin, 2008), pp. 404–418
16. Trusted Computing Group (TCG), TPM Main: Part 1 Design Principles (Version 1.2) (2003). https://trustedcomputinggroup.org/wp-content/uploads/tpmwg-mainrev62_Part1_Design_Principles.pdf
17. Common Criteria for Information Technology Security Evaluation, Part 3: Security Assurance Requirements; Version 3.1, Revision 5, CCMB-2017-04-003 (2017)
18. AMD, AMD64 Architecture Programmer’s Manual Volume 2: System Programming (2023). https://www.amd.com/system/files/TechDocs/24593.pdf
19. Intel, Inc., Intel® 64 and IA-32 Architectures Software Developer’s Manual—Volume 2D: Instruction Set Reference (2016). https://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developer-vol-2d-manual.pdf
20. ARM, DRTM architecture for ARM (2022). https://developer.arm.com/documentation/den0113/b
21. Trusted Computing Group (TCG), TCG D-RTM Architecture (version 1.0) (2013). https://trustedcomputinggroup.org/wp-content/uploads/TCG_D-RTM_Architecture_v1-0_Published_06172013.pdf
22. A. Carroll, M. Juarez, J. Polk, T. Leininger, Microsoft Palladium: a business overview, in Microsoft Content Security Business Unit, vol. 5 (2002). https://download.microsoft.com/documents/australia/corporateaffairs/palladium_white_paper_public.pdf
23. M. Peinado, Y. Chen, P. England, J. Manferdelli, NGSCB: a trusted open system, in 9th Australasian Conference on Information Security and Privacy (Springer, Berlin, 2004), pp. 86–97
24. ExtremeTech, Microsoft’s Palladium: A new security initiative (2002). https://www.extremetech.com/extreme/51450-microsofts-palladium-a-new-security-initiative
25. Q. Liu, R. Safavi-Naini, N.P. Sheppard, Digital rights management for content distribution, in Conferences in Research and Practice in Information Technology Series, vol. 34 (2003), pp. 49–58
26. E. Mills, Whatever happened to Microsoft’s DRM plan? (2008). https://www.cnet.com/culture/whatever-happened-to-microsofts-drm-plan/
27. N. Ferguson, AES-CBC+ Elephant diffuser: a disk encryption algorithm for Windows Vista (2006). https://www.cise.ufl.edu/~nemo/cis4360/refs/bitlocker.pdf
28. Microsoft, BitLocker overview (2022). https://learn.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-overview
29. Microsoft, BitLocker countermeasures (2022). https://learn.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-countermeasures
30. Intel, Inc., Intel Trusted Execution Technology (Intel TXT): Software Development Guide—Measured Launch Environment Developer’s Guide (2022)
31. Intel, Inc., Intel Trusted Execution Technology (TXT) (2018). https://www.intel.com/content/www/us/en/developer/articles/tool/intel-trusted-execution-technology.html
32. Intel, Inc., Intel® Trusted Execution Technology (Intel® TXT) Enabling Guide (2014)
33. AMD, Secure Encrypted Virtualization API (version 0.24) (2020). https://www.amd.com/system/files/TechDocs/55766_SEV-KM_API_Specification.pdf
34. AMD, AMD SEV-SNP: Strengthening VM isolation with integrity protection and more (2020). https://www.amd.com/system/files/TechDocs/SEV-SNP-strengthening-vm-isolation-with-integrity-protection-and-more.pdf
35. P. Kocher, J. Horn, A. Fogh, D. Genkin, D. Gruss, W. Haas, M. Hamburg, M. Lipp, S. Mangard, T. Prescher, et al., Spectre attacks: exploiting speculative execution. Commun. ACM 63(7), 93–101 (2020)
36. J.M. McCune, B.J. Parno, A. Perrig, M.K. Reiter, H. Isozaki, Flicker: an execution infrastructure for TCB minimization, in Proceedings of the 3rd ACM SIGOPS European Conference on Computer Systems (2008), pp. 315–328
37. J.M. McCune, Y. Li, N. Qu, Z. Zhou, A. Datta, V. Gligor, A. Perrig, TrustVisor: efficient TCB reduction and attestation, in IEEE Symposium on Security and Privacy (IEEE, New York, 2010), pp. 143–158
38. OpenHub, Xen Project (Hypervisor) (2023). https://www.openhub.net/p/xenproject-hypervisor/analyses/latest/languages_summary
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Shepherd, C., Markantonakis, K. (2024). Building Execution Environments from the Trusted Platform Module. In: Trusted Execution Environments. Springer, Cham. https://doi.org/10.1007/978-3-031-55561-9_5
DOI: https://doi.org/10.1007/978-3-031-55561-9_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-55560-2
Online ISBN: 978-3-031-55561-9
eBook Packages: Computer Science (R0)