Welcome back, everyone. This is the last week of the course. We will cover some good practice in security design and emerging hardware security topics. We will talk about the Trusted Platform Module, or TPM, with a focus on its crypto-key generation and management structure. Then we will learn the basic concepts of the physical unclonable function. We will discuss the vulnerabilities attached to, and the countermeasures in, FPGA design and FPGA-based systems. We will conclude the week, and the course, with a brief overview of the role that hardware plays in security and trust. We will need some basic knowledge of digital logic design to understand the physical unclonable function. A review of physical attacks, IP protection, and hardware Trojans will be helpful for the materials related to FPGA system security. Trusted Platform Module, or TPM in short, refers to both the set of specifications for a secure crypto-processor and the implementation of these specifications on a chip. We will focus our discussion on the TPM chips. The specifications can be found on the webpage of the Trusted Computing Group. TPM chips can be installed on the motherboard and are used in almost all PCs, laptops, and smartphones. It is suggested to use TPM together with firewalls, antivirus software, smart cards and biometric verification. Many companies are making their own TPM chips. A TPM chip's main functions include secure generation of cryptographic keys, protection of these keys, generating pseudo-random numbers, hardware authentication, sealed storage of passwords, keys and digital certificates, and remote attestation. Remote attestation allows changes to the user's computer to be detected by authorized parties. TPM has many types of keys. Among them, the Endorsement Key is perhaps the most important one. This is an RSA public/private key pair. It is created only once in the lifetime of the TPM.
Normally, it is generated by the TPM manufacturer after the TPM chip is fabricated and tested. The private key is stored inside the TPM and can be used internally for decryption. It will never be revealed or accessed outside the TPM. The Storage Root Key, or SRK, is another important key stored inside the TPM. It is created when the TPM's ownership is established. The TPM's endorsement key and the user-specified password will be used to generate the SRK. The Attestation Identity Key, or AIK, is another RSA key pair designed for attestation. The public key will be signed by the endorsement key. Then it will be sent to a trusted certificate authority, also known as a CA. The CA will validate the endorsement key and issue a certificate for the attestation identity key. The TPM will authenticate itself using this certificate. This is the start after direct anonymous attestation. Storage keys are asymmetric keys used for encrypting data or other keys. This encryption process is sometimes referred to as wrapping. Signing keys are general-purpose keys used to sign applications, data or messages. Binding keys are used to encrypt a small amount of data or a key on one platform and to decrypt it on another platform. Authentication keys are symmetric keys used to protect transport sessions involving the TPM. Legacy keys are keys which can be exported to another TPM after creation and may be used for signing and encryption operations. They are referenced to specific users and their application fields. Based on whether a key can be transferred from one TPM to another, TPM keys will have one of the following attributes. Non-migratable keys, or NMK, are those created for one TPM and cannot be migrated or exported to another TPM. They are stored in the TPM's shielded locations, and the TPM can create certificates for non-migratable keys.
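As an added example (not from the lecture or the TCG specifications), the AIK certification and remote-attestation exchange described above, modeled in Go with RSA. The TPM, PrivacyCA and VerifyQuote names are assumptions, and the CA's signature over the AIK public key stands in for a real certificate.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
)

func genKey() *rsa.PrivateKey { k, _ := rsa.GenerateKey(rand.Reader, 2048); return k }
func der(pub *rsa.PublicKey) []byte { return x509.MarshalPKCS1PublicKey(pub) }
func sign(k *rsa.PrivateKey, msg []byte) []byte {
	h := sha256.Sum256(msg)
	sig, _ := rsa.SignPKCS1v15(rand.Reader, k, crypto.SHA256, h[:])
	return sig
}
func verify(pub *rsa.PublicKey, msg, sig []byte) error {
	h := sha256.Sum256(msg)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, h[:], sig)
}
// TPM (hypothetical model): the EK is generated once, at manufacturing, and never
// leaves the chip; the AIK is created later and endorsed (signed) by the EK.
type TPM struct{ EK, AIK *rsa.PrivateKey }
func NewTPM() *TPM { return &TPM{EK: genKey()} }
// CreateAIK returns the AIK public key plus the EK signature over its DER encoding.
func (t *TPM) CreateAIK() (*rsa.PublicKey, []byte) {
	t.AIK = genKey()
	return &t.AIK.PublicKey, sign(t.EK, der(&t.AIK.PublicKey))
}
// Quote signs a platform measurement with the AIK, as in remote attestation.
func (t *TPM) Quote(measurement []byte) []byte { return sign(t.AIK, measurement) }
// PrivacyCA certifies an AIK only when the endorsing EK is on its manufacturer
// list; its signature over the AIK public key stands in for the AIK certificate.
type PrivacyCA struct {
	Key       *rsa.PrivateKey
	TrustedEK map[string]bool // keyed by DER-encoded EK public key
}
func (ca *PrivacyCA) Certify(ek, aik *rsa.PublicKey, ekSig []byte) ([]byte, error) {
	if !ca.TrustedEK[string(der(ek))] || verify(ek, der(aik), ekSig) != nil {
		return nil, errors.New("EK unknown to the CA, or AIK not endorsed by that EK")
	}
	return sign(ca.Key, der(aik)), nil
}
// VerifyQuote: a remote party trusts the AIK only through the CA's certificate.
func VerifyQuote(caPub, aik *rsa.PublicKey, cert, measurement, quote []byte) error {
	if err := verify(caPub, der(aik), cert); err != nil {
		return err
	}
	return verify(aik, measurement, quote)
}
```

A TPM whose EK is not on the CA's list gets no certificate, and a quote from an uncertified AIK is rejected by the verifier even though its signature is mathematically valid.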
Migratable keys, or MK, are keys that are not generated for a specific TPM. They can be generated either inside or outside a TPM. They can be integrated inside a TPM or moved from one TPM to another. Migratable keys are only trusted by the party who generated them. Certified migratable keys, or CMK, are generated inside a TPM like non-migratable keys, but they can be migrated to another TPM. At the time they are created, the creator has to pick a migration authority, or MA, or a migration selection authority, or MSA, which will have the authority to migrate the key. CMKs can both be migrated and also be considered secure as long as the MSAs and the MAs that migrate the keys are trusted. Here are some advantages and disadvantages of using TPM. Using TPM will add security against physical threats and attacks. It can also give you convenience with the single sign-on feature. However, there are also a couple of concerns with using TPM. The first, and the biggest, concern is about user privacy. With all the user data stored on the TPM, once the TPM is compromised, user sensitive data will be lost. And second, as we have mentioned, there are many, many TPM vendors. How can we trust this hardware design process, and how can we trust these vendors? That is another concern. So here are some useful links about the TPM. We give the [INAUDIBLE] homepage of the Trusted Computing Group, and how to use TPM with Linux, and the TPM and BitLocker in the Windows 8 operating system. Finally, besides TPM, there are many good secure design practices from most of the leading companies, such as AMD, Cisco, HP, IBM, Intel, as well as the major FPGA vendors, such as Altera and Xilinx. I'm not going to do a commercial for any of them; if you are interested, you can easily find on their web pages how they do secure system design.