Welcome back. Let's dive right in. Another interesting application of cryptography concepts is the trusted platform module, or TPM. This is a dedicated crypto processor, typically integrated into the hardware of a computer. TPMs offer secure generation of keys, random number generation, remote attestation, and data binding and sealing. A TPM has a unique secret RSA key burned into the hardware at the time of manufacture, which allows the TPM to perform things like hardware authentication. This can detect unauthorized hardware changes to a system.

Remote attestation is the idea of a system authenticating its software and hardware configuration to a remote system. This lets the remote system determine the integrity of the attesting system. This can be done using a TPM by generating a secure hash of the system configuration using the unique RSA key embedded in the TPM itself.

Another use of the secret hardware-backed encryption key is data binding and sealing. Binding involves using the secret key to derive a unique key that's then used for encryption of data. Basically, this binds the encrypted data to the TPM, and by extension to the system the TPM is installed in, since only the key stored in hardware in the TPM will be able to decrypt the data. Data sealing is similar to binding, since data is encrypted using the hardware-backed encryption key, but in order for the data to be decrypted, the TPM must be in a specified state.

TPM is a standard with several revisions. It can be implemented as a discrete hardware chip, integrated into another chip in the system, implemented in firmware or software, or virtualized in a hypervisor. The most secure implementation is the discrete chip, since these chip packages also incorporate physical tamper resistance to prevent physical attacks on the chip. Mobile devices have something similar to a TPM, referred to as a secure element.
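To make the binding-versus-sealing distinction concrete, here is an added example (not code from the course, and not how any real TPM vendor implements it) that models the pieces just described in plain Python: a hardware secret that never leaves the "chip", platform configuration registers (PCRs) that accumulate boot measurements one way, a bind operation keyed off the secret alone, and a seal operation keyed off the secret plus the PCR state. The boot component names, chip secrets and the toy SHA-256 keystream cipher are all constructed for the walkthrough; a real TPM uses RSA/ECC keys and a proper symmetric cipher.

```python
import hashlib
import hmac


def _xor_keystream(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR data with SHA-256(key || counter) blocks.
    Stands in for the real symmetric cipher (e.g. AES) a TPM or OS would use."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + (i // 32).to_bytes(4, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


class SimulatedTPM:
    """Software model of the lecture's TPM: a secret that never leaves the chip,
    PCRs that accumulate boot measurements, and bind/seal keyed off them."""

    def __init__(self, hardware_secret: bytes, pcr_count: int = 8):
        self._secret = hardware_secret  # stand-in for the key burned in at manufacture
        self.pcrs = [b"\x00" * 32 for _ in range(pcr_count)]

    def extend(self, index: int, component: bytes) -> bytes:
        """PCR extend: pcr = SHA-256(pcr || SHA-256(component)). One-way and
        order-sensitive, so one PCR value summarises a whole measurement chain."""
        measurement = hashlib.sha256(component).digest()
        self.pcrs[index] = hashlib.sha256(self.pcrs[index] + measurement).digest()
        return self.pcrs[index]

    def state_digest(self, pcr_indices) -> bytes:
        """Digest over the selected PCRs: the 'platform state' data gets sealed to."""
        return hashlib.sha256(b"".join(self.pcrs[i] for i in pcr_indices)).digest()

    def _derive(self, label: bytes, context: bytes) -> bytes:
        # Per-purpose key derived from the hardware secret; the secret itself is never exported.
        return hmac.new(self._secret, label + context, hashlib.sha256).digest()

    def bind(self, data: bytes) -> bytes:
        """Binding: encrypt under a key derived from the hardware secret only,
        so only this TPM can unbind, whatever state the platform is in."""
        key = self._derive(b"bind", b"")
        ct = _xor_keystream(key, data)
        return hmac.new(key, ct, hashlib.sha256).digest() + ct

    def unbind(self, blob: bytes) -> bytes:
        key = self._derive(b"bind", b"")
        tag, ct = blob[:32], blob[32:]
        if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
            raise ValueError("unbind failed: blob was not produced by this TPM")
        return _xor_keystream(key, ct)

    def seal(self, data: bytes, pcr_indices) -> bytes:
        """Sealing: like binding, but the key also depends on the current PCR
        state, and that state is recorded in the blob so unseal can check it."""
        state = self.state_digest(pcr_indices)
        key = self._derive(b"seal", state)
        ct = _xor_keystream(key, data)
        return state + hmac.new(key, ct, hashlib.sha256).digest() + ct

    def unseal(self, blob: bytes, pcr_indices) -> bytes:
        expected, tag, ct = blob[:32], blob[32:64], blob[64:]
        current = self.state_digest(pcr_indices)
        if not hmac.compare_digest(expected, current):
            raise PermissionError("unseal refused: platform state differs from sealing state")
        key = self._derive(b"seal", current)
        if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
            raise ValueError("unseal failed: blob was sealed by a different TPM")
        return _xor_keystream(key, ct)


# Constructed boot chains and chip secrets for the walkthrough (not real images or keys).
GOOD_BOOT = [b"firmware v1", b"bootloader v1", b"kernel 5.x"]
TAMPERED_BOOT = [b"firmware v1", b"bootloader v1 (modified)", b"kernel 5.x"]
HW_SECRET = hashlib.sha256(b"constructed secret of chip A").digest()
OTHER_SECRET = hashlib.sha256(b"constructed secret of chip B").digest()


def measured_boot(tpm: SimulatedTPM, components) -> None:
    """Each boot stage is measured into PCR 0 before control passes to it."""
    for component in components:
        tpm.extend(0, component)


def seal_disk_key(secret: bytes = HW_SECRET) -> bytes:
    """Provisioning: boot the known-good chain, then seal the disk key to PCR 0."""
    tpm = SimulatedTPM(secret)
    measured_boot(tpm, GOOD_BOOT)
    return tpm.seal(b"disk-encryption-key", [0])


def try_unseal(blob: bytes, components, secret: bytes = HW_SECRET) -> str:
    """A later boot: the disk key is released only on the same chip in the same state."""
    tpm = SimulatedTPM(secret)
    measured_boot(tpm, components)
    try:
        return tpm.unseal(blob, [0]).decode()
    except PermissionError:
        return "REFUSED: platform state changed"
    except ValueError:
        return "REFUSED: not this TPM"


if __name__ == "__main__":
    blob = seal_disk_key()
    print(try_unseal(blob, GOOD_BOOT))                # disk-encryption-key
    print(try_unseal(blob, TAMPERED_BOOT))            # REFUSED: platform state changed
    print(try_unseal(blob, GOOD_BOOT, OTHER_SECRET))  # REFUSED: not this TPM
```

The three runs at the bottom are the point: the same blob unseals on the same chip in the same state, is refused when a boot component changed (the PCR chain no longer matches, which is the platform-integrity check), and is refused on a different chip even in the identical state (the blob is bound to the hardware secret). Note that the PCR values themselves carry no secret, which is why the state check alone is not enough and the hardware-derived key is what actually binds the data to the device.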
It's a tamper-resistant chip, often embedded in the microprocessor or integrated into the main board of a mobile device. It supplies secure storage of cryptographic keys and provides a secure environment for applications. An evolution of secure elements is the trusted execution environment, or TEE, which takes the concept a bit further. It provides a full-blown isolated execution environment that runs alongside the main OS. This isolates the applications running in the TEE from the main OS and from other applications installed there. It also isolates secure processes from each other when they're running in the TEE.

TPMs have received criticism around trusting the manufacturer. Since the secret key is burned into the hardware at the time of manufacture, the manufacturer would have access to this key at that time. It's possible for the manufacturer to store the keys, which could then be used to duplicate a TPM, breaking the security the module is supposed to provide. There's been one report of a physical attack on a TPM which allowed a security researcher to view and access the entire contents of a TPM. But this attack required the use of an electron microscope and micron-precision equipment for manipulating the TPM circuitry. While the process was incredibly time intensive and required highly specialized equipment, it proved that such an attack is possible, despite the tamper protections in place.

TPMs are most commonly used for two things: ensuring platform integrity, which means preventing unauthorized changes to the system in either software or hardware, and full disk encryption, utilizing the TPM to protect the entire contents of the disk. Full disk encryption, or FDE as you might have guessed from the name, is the practice of encrypting the entire drive of the system, not just sensitive files on the system. This allows us to protect the entire contents of the disk from data theft or tampering. Now, there are a bunch of options for implementing FDE.
These include the commercial product PGP; BitLocker from Microsoft, which integrates very well with the TPM; FileVault 2 from Apple; and the open source software dm-crypt, which provides encryption for Linux systems. An FDE configuration will have one partition or logical partition that holds the data to be encrypted, typically the root volume, where the OS is installed. But in order for the volume to be booted, it must first be unlocked at boot time. Because the volume is encrypted, the BIOS can't access data on this volume for boot purposes. This is why FDE configurations will have a small unencrypted boot partition that contains elements like the kernel, the bootloader, and an initrd. At boot time, these elements are loaded, and they then prompt the user to enter a passphrase to unlock the disk and continue the boot process. FDE can also incorporate the TPM, utilizing the TPM's encryption keys to protect the disk, and it can use platform integrity to prevent unlocking of the disk if the system configuration has changed. This protects against attacks like hardware tampering and disk theft or cloning.

Before we wrap up this module on encryption, I wanted to touch base on the concept of randomness. Earlier, when we covered the various encryption systems, one commonality kept coming up that these systems rely on. Did you notice what it was? That's okay if you didn't. It's the selection of random numbers. This is a very important concept in encryption, because if your number selection process isn't truly random, then there can be some kind of pattern that an adversary could discover through close observation and analysis of encrypted messages over time. Something that isn't truly random is referred to as pseudorandom. It's for this reason that operating systems maintain what's referred to as an entropy pool. This is essentially a source of random data to help seed random number generators.
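Here is an added example (not from the course) that shows the pseudorandom-versus-entropy-pool point in working Python, using only the standard library. A key drawn from a general-purpose PRNG is reproduced exactly by anyone who knows the seed, while keys drawn through `secrets` come from the OS CSPRNG, which the kernel seeds from its entropy pool. The monobit check at the end is the caveat a practitioner should keep in mind: a statistical test cannot tell the two apart, because the problem with a pseudorandom key is predictability, not how it looks. The key size and seed values are constructed for the walkthrough.

```python
import random
import secrets

KEY_BYTES = 16  # 128-bit key for the walkthrough (constructed choice)


def key_from_prng(seed: int) -> bytes:
    """Key material from a general-purpose PRNG (Python's Mersenne Twister).
    The output is fully determined by the seed: whoever knows or guesses
    the seed gets the identical key. This is what 'pseudorandom' means here."""
    rng = random.Random(seed)
    return rng.getrandbits(8 * KEY_BYTES).to_bytes(KEY_BYTES, "big")


def key_from_entropy_pool() -> bytes:
    """Key material from the OS CSPRNG (secrets.token_bytes reads os.urandom),
    which the kernel seeds from its entropy pool. This is the right call for keys."""
    return secrets.token_bytes(KEY_BYTES)


def prng_is_reproducible(seed: int) -> bool:
    """Two generators started from the same seed emit identical keys."""
    return key_from_prng(seed) == key_from_prng(seed)


def entropy_pool_keys_distinct(n: int = 256) -> bool:
    """n draws from the entropy-backed source should all differ
    (the chance of any collision among 256 128-bit values is about 2**-113)."""
    return len({key_from_entropy_pool() for _ in range(n)}) == n


def prng_sample(seed: int, nbytes: int) -> bytes:
    """A run of PRNG output bytes, for the statistical comparison below."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(nbytes))


def entropy_sample(nbytes: int) -> bytes:
    """A run of CSPRNG output bytes, for the statistical comparison below."""
    return secrets.token_bytes(nbytes)


def monobit_fraction(sample: bytes) -> float:
    """Fraction of 1-bits in a sample. A crude statistical check: both sources
    land near 0.5, so 'looks random' does not distinguish them. Only the
    unguessable seed of the entropy-backed source makes its keys unpredictable."""
    ones = sum(bin(b).count("1") for b in sample)
    return ones / (8 * len(sample))


if __name__ == "__main__":
    print("same seed, same key:", prng_is_reproducible(1234))
    print("entropy keys distinct:", entropy_pool_keys_distinct())
    print("PRNG 1-bit fraction   :", round(monobit_fraction(prng_sample(42, 4096)), 3))
    print("CSPRNG 1-bit fraction :", round(monobit_fraction(entropy_sample(4096)), 3))
```

On a real system the practical rule that falls out of this is simple: generate keys, nonces and tokens with `secrets` or `os.urandom` (or the equivalent CSPRNG API on your platform), and never with `random`, a clock, or a process id, no matter how uniform the output looks.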
There are also dedicated random number generators and pseudorandom number generators that can be incorporated into a security appliance or server, to ensure that truly random numbers are chosen when generating cryptographic keys. So, I hope you found these topics in cryptography interesting and informative. I know I did when I first learned about them.