Trusted Computing Group

The Trusted Computing Group (TCG ) is an industry driven by the standardization organization that develops an open standard for trusted computing platforms. She has adopted the standardization work of the former Trusted Computing Platform Alliance ( TCPA ) in 2003 and continues with it.

• 3.1 Overview of the specifications
• 3.2 Main components of the TCG specification 3.2.1 Trusted Platform Module ( TPM)
• 3.2.2 Core Root of Trust for Measurement ( CRTM )

• 9.1 per Trusted Computing
• 9.2 Contraindications Trusted Computing

Objective

The detailed objectives of the TCG is defined on their website as follows:

" Trusted Computing Group members develop and promote open, vendor- neutral, industry standard specifications for trusted computing building blocks and software interfaces across multiple platforms. "

Translation:

"Members of the TCG develop and promote open, manufacturer - independent industry standard specifications for cross-platform trusted computing building blocks and software interfaces. "

With "Trust" in this case the expectation is meant a device or software that it behaves for a particular purpose in a predefined manner.

Such a " Trusted Platform " should be able to see clearly, according to this definition changes in a computer platform and thus identify both external software attacks and changes through configuration, malfunctions, security issues and influences of its own operating system or application programs clearly.

The response to such a change is to be effected by an appropriate, secure operating system. This operating system is explicitly not part of the TCG specification, which defines itself as an operating system - agnostic.

Hidden interests

In addition to formulated, focused on the interests of users of the platforms objectives and the objective of the widest possible protection of copyright and patent rights is the goal of the industry. Just a not to be manipulated in all functions platform provides a guarantee that additional security measures and security mechanisms at the level of the operating system and the application levels can not be undermined. Such security measures include solutions such as copy protection, rights management, license check and references.

Organizational structure

The organizational structure of TCG circumvents the limitation of the predecessor organization TCPA, the unanimity required in the decisions and thus blocked himself. Instead, apply in the TCG qualified majorities.

In the TCG, there are three groups of members. Classification into one of the groups brings besides the different membership fees also different rights with it:

• The " adopters " ( 8,250 U.S. dollars contribution per year) get access to the draft specifications and other non-public information, but they have no voting rights. For companies with less than 100 employees, reduced the membership fee to $ 1,000 per year.
• Members of the " Contributors " ( 16,500 U.S. dollars per year contribution ) may in addition, participate in the working groups that are developing new specifications. They also elect two representatives from among their number who represent this group in the Board ( the "Board of Directors " ), where they are actively involved in decisions.
• The exclusive group of " promoters" ( 55,000 U.S. dollar contribution per year) has fixed seats in the board and the Workgroups and decides on the admission / appointment of new firms in this group. Members are AMD, Hewlett -Packard, IBM, Infineon (recently and the only European company ), Intel, Lenovo, Microsoft and Sun.

The Steering Committee, the " board of directors " consists of the group of promoters and two members elected by the members Contributor company currently Wave Systems and Seagate.

In addition, other Member forms have been established to enable the scientific sector free access to the technology in recent years. As a result of these considerations, a so-called " Liaison Program " was introduced, interested, qualified organizations such as universities, a free membership, but without a vote, allows.

The TCG also has an independently occupied " TCG Advisory Council " set up. There is also a mentor program, consult in the universities by qualified TCG members and informed.

The work in the TCG will be provided in the individual workgroups, to cover such activities the entire field of computer platforms. The TCG currently has about 120 members.

Details of the specification

Overview of the specification

The first important specification was published in July 2001 by the TCPA. The work has since progressed: there are a total of 40 adopted and published individual specifications, and white papers, further documents are in work. The total amount is over 1200 pages.

The specifications are arranged in groups:

• Best Practices and Principles
• Trusted Platform Module (TPM ) Specifications, the security core element for Trusted Platforms
• TPM Software Stack (TSS ) Specifications, the driver and API Stack for TPM
• PC Client Specifications
• Infrastructure Specifications
• Server Specifications for trusted computer server
• Trusted Network Connect (TNC ) Specifications, an extension of existing security communication protocols, which also contains information on implemented security policies and platform states.

Currently, communication is carried out at the specifics of Transportation work especially in the area of ​​Mobile.

Main components of the TCG specification

The basis for the TCG specifications of trusted computing platform two security extensions of standard computer platforms: the Trusted Platform Module and the Core Root of Trust Measurement.

Trusted Platform Module ( TPM)

The TPM is an additional computer security chip ( comparable to a secure smart card chip) on the motherboard, for example, a personal computer that provides the basic computer security mechanisms:

The TPM chip generates and stores the cryptographic keys and certificates, signed data objects and verify their signature, and provides other support functions as monotonic counter, locality function and backup and migration functions for the key material.

The TPM is a passive element that needs to be instructed by the host system to abzubspeichern data safe or perform the functions mentioned. He can not interrupt the program run or stop the main processor. The use of said TPM functions must be performed by a suitable trusted operating system and the relevant application software.

The specifications provide that the TPM can be requested by the user at any time switched on via a BIOS function off or on and off also in active operation by the user.

Core Root of Trust for Measurement ( CRTM )

A BIOS extension called Core Root of Trust for Measurement ( CRTM ) is the first stage of a secure boot process dar. Starting with the CRTM each the integrity of each following code section is measured with a hash function and the measured value is then signed and secure digital stored in the TPM. This is done hierarchically, starting with the CRTM in the BIOS, and then sits down step by step to higher system layers towards continued: Rest BIOS boot routine, the operating system loader, kernel, device drivers up to the application programs. This can be checked but also from external server after booting from the application programs or whether the boot process is safe expired, no boot virus or the like is present and if the operating system has started properly.

It is important that these features are not included in the TPM, but in the loader or operating system: this use for these functions, in turn, the capabilities of the TPM. For each operating system, this function must be created individually and are implemented in the boat part of the operating system.

Available Hardware

Trusted Platform Module ( TPM) are now offered in the form of discrete or integrated Atmel, Broadcom, Infineon, Sinosun, STMicroelectronics and Winbond.

IBM notebooks come with TPM chips since early 2003. In December 2003, Intel introduced the first motherboard ( D865GRH ) with TPM. Meanwhile equipped computer by most manufacturers are available after the TCG standard.

Criticism

The safety requirements for the central module Trust, the TPM, it has mainly to the lower requirements of the American market for comparable products, such as security smart card oriented. While one is the security implementation of similar security modules such as smart cards chips from European manufacturers as standard according to the Common Criteria (CC ) EAL 5 certified, and thus the corresponding technology widely available, the official TCG specification only requires a certification according to CC EAL4, a value can meet the other vendors. It was not aimed at what is technically possible, but the commercially Desirable here. However, evaluated according to CC products are internationally mutually recognized only to EAL4.

The hash computation used in the digital signature of the TCG SHA -1 is now regarded under certain conditions as theoretically vulnerable. Critics complain that the TCG specifications so in the future could be safety- prone and can no longer fulfill the true meaning of a secure platform. In the case mentioned theoretical weaknesses but there is collision attacks, while a pre-image attack would require a TPM, which is virtually impossible.

So far there are no compliance program, with which it can be checked whether the particular implementation of the TCG specification ( both the TPM hardware as well as software modules ) from different vendors meets the specification. Other technologies (such as USB ) introduced and tested options would be, for example, third-party evaluation or self - evaluation with official test vector sets. It therefore lacks the potential users an easy way (unless you test yourself) to learn whether because contained in a product according to TCG specification and TCG is (eg quality certificate on the basis of defined rules and oversee this process ). In spring 2006, but the TCG has worked intensively on a compliance program, and had already provided a first draft of such a program to the public.

The long initial phase of the formation of the specifications that have been adopted and published only after intense internal debate, has led to a great mistrust among the public. Here, it was omitted to inform the public through timely, easy to understand and easy summaries and specialist editors to help in the creation of quality articles. Since the adopted and published specifications more than 1200 pages have reached circumference, one is to obtain an overview rely ultimately on appropriate external literature.

Other criticisms often sparked by the basic technology of trusted computing and the so actionable, among other Digital Rights Management. However, the respective criticism is mostly independent of the TCG itself, and is dealt with in the relevant articles.