1
00:00:00,350 --> 00:00:01,970
Root of Trust.

2
00:00:01,970 --> 00:00:03,740
In this lesson, we're going to talk about

3
00:00:03,740 --> 00:00:07,400
the concept of a hardware Root of Trust or ROT.

4
00:00:07,400 --> 00:00:09,240
Now, this is a cryptographic module

5
00:00:09,240 --> 00:00:11,100
embedded within a computer system

6
00:00:11,100 --> 00:00:12,850
that can endorse trusted execution

7
00:00:12,850 --> 00:00:15,300
and attest to boot settings and metrics.

8
00:00:15,300 --> 00:00:17,430
Now, this may sound like a complicated concept,

9
00:00:17,430 --> 00:00:19,920
but you use a root of trust all the time.

10
00:00:19,920 --> 00:00:22,710
If you think about your TPM module inside your BIOS,

11
00:00:22,710 --> 00:00:24,320
that is a root of trust.

12
00:00:24,320 --> 00:00:26,230
Essentially, a root of trust is used

13
00:00:26,230 --> 00:00:28,070
to scan the boot metrics of the system

14
00:00:28,070 --> 00:00:29,540
and the operating system files,

15
00:00:29,540 --> 00:00:31,080
and it verifies their signatures.

16
00:00:31,080 --> 00:00:33,070
And then we can use that root of trust

17
00:00:33,070 --> 00:00:34,670
to sign a digital report,

18
00:00:34,670 --> 00:00:36,430
to send that over to the processor and say,

19
00:00:36,430 --> 00:00:37,870
I trust these things.

20
00:00:37,870 --> 00:00:39,930
Essentially, it's a digital certificate,

21
00:00:39,930 --> 00:00:41,720
but it's embedded inside your processor

22
00:00:41,720 --> 00:00:43,310
or inside your firmware.

23
00:00:43,310 --> 00:00:46,020
Now, as I mentioned earlier, the most common root of trust

24
00:00:46,020 --> 00:00:49,310
is a trusted platform module or TPM.

25
00:00:49,310 --> 00:00:51,650
This is a specification for hardware-based storage

26
00:00:51,650 --> 00:00:54,680
of digital certificates, keys, hashed passwords,

27
00:00:54,680 --> 00:00:57,660
and other user and platform identification information.

28
00:00:57,660 --> 00:00:59,780
Yeah, as you look inside of a TPM,

29
00:00:59,780 --> 00:01:02,530
there are lots of different functions inside of it.

30
00:01:02,530 --> 00:01:03,720
First, it's going to provide you

31
00:01:03,720 --> 00:01:05,600
with a secured input and output.

32
00:01:05,600 --> 00:01:08,070
Then, we have this cryptographic processor

33
00:01:08,070 --> 00:01:10,530
that provides us with a true random number generator.

34
00:01:10,530 --> 00:01:12,160
It has an RSA key generator,

35
00:01:12,160 --> 00:01:14,030
it has a SHA-1 hash generator,

36
00:01:14,030 --> 00:01:16,770
and encryption, decryption, and signature engines.

37
00:01:16,770 --> 00:01:19,230
In addition to that, we also have persistent memory

38
00:01:19,230 --> 00:01:20,960
and inside of that, we have an endorsement key,

39
00:01:20,960 --> 00:01:24,510
which is a digital key, and a Storage Root Key or an SRK.

40
00:01:24,510 --> 00:01:26,260
And then we have versatile memory.

41
00:01:26,260 --> 00:01:27,270
This includes things like

42
00:01:27,270 --> 00:01:30,420
Platform Configuration Registers or PCRs,

43
00:01:30,420 --> 00:01:33,970
Attestation Identity Keys or AIKs, and storage keys.

44
00:01:33,970 --> 00:01:35,400
Now, do you have to memorize all

45
00:01:35,400 --> 00:01:37,750
of these different things on this chart for TPM,

46
00:01:37,750 --> 00:01:38,770
for the exam?

47
00:01:38,770 --> 00:01:39,900
Well, not really.

48
00:01:39,900 --> 00:01:42,140
Instead, you really need to remember that TPM,

49
00:01:42,140 --> 00:01:45,900
the trusted platform module, is this part of your system

50
00:01:45,900 --> 00:01:47,610
that allows you to have the ability

51
00:01:47,610 --> 00:01:50,490
to ensure that when you're booting up, it is done securely

52
00:01:50,490 --> 00:01:52,700
and we can take those reports and digitally sign them

53
00:01:52,700 --> 00:01:54,150
using the TPM.

54
00:01:54,150 --> 00:01:56,470
TPM is also used with full disk encryption,

55
00:01:56,470 --> 00:01:58,740
so if you're using something like BitLocker in Windows,

56
00:01:58,740 --> 00:02:02,010
it uses TPM and that key inside of TPM

57
00:02:02,010 --> 00:02:04,320
to make sure that data is secure.

58
00:02:04,320 --> 00:02:05,800
Now, when you're dealing with TPM,

59
00:02:05,800 --> 00:02:08,490
your TPM can be managed inside of Windows

60
00:02:08,490 --> 00:02:11,980
using TPM.MSC, which is a console,

61
00:02:11,980 --> 00:02:13,950
or you could do it through group policy.

62
00:02:13,950 --> 00:02:16,800
Either of these are ways you can configure TPM.

63
00:02:16,800 --> 00:02:18,030
Now, for the exam,

64
00:02:18,030 --> 00:02:19,210
you don't need to go in depth

65
00:02:19,210 --> 00:02:20,690
on how to configure these things.

66
00:02:20,690 --> 00:02:23,030
In the real world, you may be asked to work on this.

67
00:02:23,030 --> 00:02:24,160
And if so, you could look up

68
00:02:24,160 --> 00:02:27,050
the documentation at microsoft.com.

69
00:02:27,050 --> 00:02:28,500
Now, the other thing we need to talk about here

70
00:02:28,500 --> 00:02:30,610
is a hardware security module.

71
00:02:30,610 --> 00:02:32,030
This is an appliance for generating

72
00:02:32,030 --> 00:02:34,700
and storing cryptographic keys that is less susceptible

73
00:02:34,700 --> 00:02:36,550
to tampering and insider threats than

74
00:02:36,550 --> 00:02:38,500
using storage-based solutions.

75
00:02:38,500 --> 00:02:40,550
So, typically, when we do encryption,

76
00:02:40,550 --> 00:02:43,860
we do that using some sort of a long key, right?

77
00:02:43,860 --> 00:02:45,660
And so I might type in a long password

78
00:02:45,660 --> 00:02:47,400
and that becomes my key.

79
00:02:47,400 --> 00:02:49,650
Well, the problem with that is it's a lot easier

80
00:02:49,650 --> 00:02:51,150
to crack those things

81
00:02:51,150 --> 00:02:54,060
because that key could be compromised by an insider

82
00:02:54,060 --> 00:02:55,730
or by somebody telling it to somebody else

83
00:02:55,730 --> 00:02:57,910
or typing it in or something of that nature.

84
00:02:57,910 --> 00:03:00,640
Now, there are lots of different ways to create an HSM;

85
00:03:00,640 --> 00:03:02,700
they come in lots of different form factors.

86
00:03:02,700 --> 00:03:04,010
For example, here on the screen,

87
00:03:04,010 --> 00:03:06,370
you can see nCipher and there are three different models.

88
00:03:06,370 --> 00:03:08,590
We have one that's an internal card that can be put in,

89
00:03:08,590 --> 00:03:10,300
there's one that's a rack-mounted system,

90
00:03:10,300 --> 00:03:11,190
and then there's one that's more

91
00:03:11,190 --> 00:03:13,020
of an Internet of Things type of solution.

92
00:03:13,020 --> 00:03:15,080
The real advantage of these types of systems

93
00:03:15,080 --> 00:03:16,400
is that they are automated,

94
00:03:16,400 --> 00:03:18,490
and that means the keys cannot be compromised

95
00:03:18,490 --> 00:03:20,100
by human involvement; we are removing

96
00:03:20,100 --> 00:03:22,090
the person from the equation and ensuring

97
00:03:22,090 --> 00:03:24,030
the systems are secure.

98
00:03:24,030 --> 00:03:25,450
Now, another thing we need to think about

99
00:03:25,450 --> 00:03:27,300
is how do we make sure people can't tamper

100
00:03:27,300 --> 00:03:28,640
with our different devices?

101
00:03:28,640 --> 00:03:30,810
Well, that's where the concept of anti-tamper

102
00:03:30,810 --> 00:03:31,940
comes into play.

103
00:03:31,940 --> 00:03:34,080
These are methods that make it difficult for an attacker

104
00:03:34,080 --> 00:03:37,260
to alter the authorized execution of software.

105
00:03:37,260 --> 00:03:38,640
Now, if you think about anti-tamper

106
00:03:38,640 --> 00:03:40,070
and you think about the physical world,

107
00:03:40,070 --> 00:03:42,690
you buy a thing like aspirin and you open up the bottle.

108
00:03:42,690 --> 00:03:45,570
What do you see on top? That sealed layer that says,

109
00:03:45,570 --> 00:03:46,540
this has been protected,

110
00:03:46,540 --> 00:03:48,650
this is sealed for your protection.

111
00:03:48,650 --> 00:03:50,260
This is an anti-tamper device.

112
00:03:50,260 --> 00:03:51,690
Because if you pull that seal off,

113
00:03:51,690 --> 00:03:53,170
you can't put it back on.

114
00:03:53,170 --> 00:03:54,470
And so, this shows you that somebody

115
00:03:54,470 --> 00:03:57,020
has either been in the bottle or not been in the bottle,

116
00:03:57,020 --> 00:03:59,630
but we want to do the same thing within our electronics.

117
00:03:59,630 --> 00:04:01,530
And there are two main ways of doing that.

118
00:04:01,530 --> 00:04:02,970
We have anti-tamper mechanisms

119
00:04:02,970 --> 00:04:04,820
that include things like an FPGA,

120
00:04:04,820 --> 00:04:06,940
which is a Field Programmable Gate Array,

121
00:04:06,940 --> 00:04:10,820
or a physically unclonable function or PUF.

122
00:04:10,820 --> 00:04:12,780
Both of these are anti-tamper mechanisms

123
00:04:12,780 --> 00:04:15,540
that could be used and designed inside your systems.

124
00:04:15,540 --> 00:04:18,280
This means that if somebody tries to tamper with the system,

125
00:04:18,280 --> 00:04:19,800
what these things will do is actually

126
00:04:19,800 --> 00:04:21,600
zero out your cryptographic key,

127
00:04:21,600 --> 00:04:24,260
which then can automatically wipe out the information

128
00:04:24,260 --> 00:04:26,350
on that system, making sure you know

129
00:04:26,350 --> 00:04:27,450
it's been tampered with

130
00:04:27,450 --> 00:04:30,090
and therefore, nobody can get the information.

131
00:04:30,090 --> 00:04:31,270
That's the idea when you start using

132
00:04:31,270 --> 00:04:32,583
things like anti-tamper.