< IT Governance, Compliance, Security and Audit from the Pros: TCPA

PDA Logo.gif (6595 bytes)

TCPA: Who Can You Trust?

home

our services

about Peter Davis+Assoc.

contact

security/audit info

Privacy Test

Security & Audit Tools

CyberScribblings

Windows NT Server IIS

Windows 95

Cookies

Java, JavaScript and ActiveX

Intrusion Detection Systems

Security Industry Shakeout

Securing Groupware

Client/Server Audit: One Bite At A Time

Configuring Cisco Denial of Service Security Features - Part 1

Configuring Cisco Denial of Service Security Features - Part 2

Configuring Cisco Lock-and-Key

Configuring Cisco Reflexive Access Lists

Dysfunctional Controls: Useless, Impractical, Inefficient and Poorly-Designed

TCPA: Who Can You Trust?

When Getting the Audit Done Is the Only Thing

Palladium: Friend or Foe?

Commentary: Quis Custodiet Ipsos Custodes?

Data Management: Data Destruction and Preservation

Security & Audit Products
 
Top Ten Security Links 
 
Security & Audit Checklists
 
Computer & Security
Glossary
 
Security & Audit Bibliography 
 
Search Page

legal info

privacy info

Dateline: Toronto, ON, July 2002

Perchance you have seen or heard the acronym TCPA.  So what is TCPA?  Is it an extension of TCP/IP?  Well, no.  TCPA stands for the Trusted Computing Platform Alliance, an initiative led by Intel along with approximately 170 other companies such as HP/Compaq, IBM, and Microsoft. The Alliance intends to develop “a new computing platform for the next century that will provide for improved trust in the PC platform.”  They want you to trust these platforms enough to use them for e-commerce.  By promoting the concept of a trusted subsystem and chains of trust between those systems, it has a good chance of becoming the basic building block for electronic commerce.

TCPA is working towards a system that can establish that a computer is trustworthy, and to identify any tampering with the system—so a previously authenticated computer can’t have unchecked software or hardware added to it that might otherwise compromise its security. 

TCPA sets out to assure three major aspects of trusted computing:

  1. That users are confident that they know to whom and to what entity they are talking;

  2. That the system transfers information accurately; and,

  3. That a snooper cannot invade the privacy of a system, message or transaction.

In other words, TCPA will provide authenticity, integrity, and privacy.

The Alliance released the TCPA implementation specification 1.1 in September of 2001, at http://www.trustedcomputing.org, and the next version is currently under development. The TCPA specification talks about integrity metrics, which are fingerprints or descriptions of characteristics or aspects of a computer or a network. The TCPA chip uses the metrics to prove that an individual component—such as the BIOS or a secure portion of the operating system—is trustworthy, both in the sense that the component is what it claims and that no one has tampered with it.

So, how does TCPA work?  Well, when you boot up your PC, a special chip (affectionately called, the Fritz chip after Senator Fritz Hollings of South Carolina, who is working tirelessly in Congress to make TCPA mandatory for all consumer electronics) takes charge.  The chip checks that it sees the boot ROM it expects, executes it, measures the state of the machine; then checks the first part of the operating system, loads and executes it, checks the state of the machine; and so on and so forth. That is, the BIOS boot block checks the hardware specification of the PC against a known safe metric, and should that match, the system then authenticates the user.  It then checks the operating system loading software. The OS loader, once proven safe, checks the OS kernel. The kernel knows how to check the list of legitimate software, which in turn, can use OS resources to authenticate local and remote data.

Once the chip knows the metric of one item, it can extend the list of things it trusts throughout the system by checking each in turn.  In this fashion, the chip can steadily expand its trust boundary of known and verified hardware and software. The Fritz chip maintains a table of the hardware (for example, audio card, video card, USB device, etc) and the software (for example, O/S, applications, drivers, etc).  It also checks to ensure that the hardware components are on the TCPA approved list, that the software components are signed, and that none of them has a revoked serial number.  When there are significant changes to the PC’s configuration, the machine must go online for re-certification. The result is a PC booted into a known state with an approved combination of hardware and software, with unexpired licences.  The chip then passes control over to enforcement software in the operating system; perhaps Palladium should you have a Windows operating system. 

This is how to build a trusted stand-alone system. And the question of whether to trust a remote platform is an extension of this process: the chip obtains integrity metrics for the remote platform and securely stores them. These metrics can include a hash, that is, an algorithmically derived number unique for a certain configuration, digitally signed by the remote platform. Any attempt to tamper with the remote platform will change the hash number, which then won’t match the trusted version held locally by the system trying to authenticate the remote platform.

There are many practical uses for TCPA.  You could use TCPA to implement much stronger access controls on confidential documents. For example, an army might mandate that its soldiers only create Word documents marked at “Confidential” or above, and that only a TCPA PC with a certificate issued by its own security agency could read such a document. This amounts to mandatory access control, which governments so desire.

Corporations could do this too, to make life harder for whistleblowers and to thwart corporate spies. They could arrange it so that only company PCs could read company documents, unless a suitably authorized person clears them for export. They also could implement time locks.  For instance, they could arrange, for example, that all e-mails vanish after 90 days unless someone makes a positive effort to preserve them. But, in any case, a whistleblower who e-mails a document to the press will achieve little, as the journalist’s Fritz chip can’t decipher it.  And, they would have little value to the company’s competitors since the competition could not read the documents as well.

Organized crime might use the same functionality.  They could arrange that only accredited their PCs could read the spreadsheet with the latest drug shipments, and would vanish at month end. Obviously, this makes life harder for law enforcement, but discussions between the Alliance and governments focus on some kind of access to master keys.

Sounds good in practice, but there always is a catch.  One is system flexibility.  Some programs that give people more control over their PCs, such as VMWare and Total Recorder, likely will not work under TCPA.  Flexibility and TCPA do not go hand in glove that is for sure!

A side effect of relying on digitally signed metrics floating around the Internet is that there’s a possibility that someone could intercept the credentials and use them to find out information about the configuration of the platforms they describe.  To that end, the TCPA allows for a security proxy called an Authenticated Anonymity Website; a trusted third party site that will provide a user with credentials in the form of a certificate.  This confirms that the certification authority knows and trusts the user, but contains no information about the user that someone else could otherwise use.  Anyone wishing to transact with the user could do so anonymously.

Also, TCPA requires modifications to your existing PC hardware architecture to work. TCPA provides for manufacturers to mount a monitoring and reporting component in future PCs. The preferred implementation in the first phase of TCPA is a Fritz chip, that is, a smartcard chip or dongle soldered to the motherboard.

Early versions probably are vulnerable to anyone with the tools and patience to crack the hardware (for example, get clear data traversing the bus between the CPU and the Fritz chip). However, starting with phase 2, the Fritz chip will disappear inside the main processor and things will get a lot harder.  Serious, well-funded attackers most likely could crack it.  However, it’s likely to go on getting more difficult and expensive.  Also, in many countries, cracking Fritz is illegal. In the USA, the Digital Millennium Copyright Act already makes it illegal; while in the European Union, the situation may vary from one country to another, depending on the way nations implement the EU Copyright Directive.

The fundamental issue is that whoever controls the Fritz chips will hold a huge amount of power.  Having this single point of control is like forcing everyone to use the same bank, the same accountant, or the same lawyer. There are many ways that someone could abuse this power.

Some people worry about censorship. The Alliance designed TCPA from the start to support the centralized revocation of pirated software. The Fritz chip can spot and disable pirated software when you try to load it.  But can it disable pirated songs or videos? How do you transfer a song or video that you legitimately purchased from one PC to another, without revoking it on the first machine? The proposed solution is that an application enabled for TCPA, such as a media player or word processor, will have its security policy administered remotely by a server, which will maintain a hot list of bad files. The chip will download the hot list periodically and use it to screen all files that the application opens.  It can revoke files by the content, by the creating-application’s serial number, or by any other criteria.

You’re thinking that unless your system administrator configures your machine so that TCPA is mandatory, you can always turn it off.  Well, yes and no.  You can run your PC with administrator privileges, and use insecure applications.  So, the answer is partially yes.  However, there is one way you can’t turn the TCPA chip off.  You can’t make it ignore pirated software.  Even when the chip knows that the PC is booting in an untrusted mode, it still checks that the operating system isn’t on the serial number revocation list. This has implications for national sovereignty.  Should Saddam Hussein naively upgrade his PCs to use TCPA, the American government could hot list his Windows licences, and thus shut down his PCs.  Booting in untrusted mode won’t help him and his lackeys.  He’d have to dig out old copies of Windows 2000, change to GNU/Linux, or find a way to isolate the Fritz chips from his motherboards without breaking them.

Should you turn TCPA off, then your TCPA-enabled applications won’t work, or won’t work as well.  It’s akin to switching from Windows to Linux nowadays: you may have more freedom, but end up having less choice.  When the applications that use TCPA are more attractive to the majority of people, you may end up simply having to use them; just as Microsoft Word became a de facto standard.

Imagine that everyone in a country known for copyright violation uses the same copy of Office; TCPA will cause every TCPA-compliant PC to refuse to read files created using this pirated program.  A TCPA-compliant application would not load the untrusted document.  So, the pirated software has no value.

But the potential for abuse of TCPA extends far beyond commercial bullying and economic warfare into political censorship.  Some well-intentioned district attorney will get a court order against child pornography or a manual on how to build a dirty bomb.  All TCPA-compliant PCs will delete, or perhaps report, these illegal files.  Seems quite noble on first blush.  Then a litigant in a libel or copyright case will get a civil court order against an offending document; perhaps the Scientologists will seek to blacklist the famous Fishman Affidavit. Once lawyers and government censors realize the potential, the floodgates will open.  It’s a slippery slope as they say.  Who’s to decide what goes on the illegal file list?  Would the US government trust the Chinese to maintain the list?  What about the reverse?  The potential problems are limitless!

TCPA is liable to undermine the General Public License (GPL), used by many authors to distribute free and open source software products.  The IT community designed the GPL to prevent the fruits of communal voluntary labour from being picked by private companies for profit.  Anyone can use and modify software distributed under this licence, but should you distribute a modified copy, you must make it generally available, together with the source code so that other people can make modifications.  Once the majority of PCs on the market are TCPA-enabled, the GPL won’t work as intended.  The benefit for alliance members is not that this will directly kill free software; but that it will indirectly kill it as programmers are less motivated to write free software as they realize that others could rip-off their software for commercial purposes.  So, why bother?

I don’t know about you people, but the TCPA gives me the willies. It’s not an altogether new idea, of course. You might remember the maelstrom surrounding Intel in 1998.  Intel came under fire for its processor ID idea, which enabled software or a Web site to ask your CPU for its unique 64-bit serial number.  Intel switched off this CPU id built into almost every processor since the Pentium III when outraged customers discovered that software and Web sites could record it without their knowledge. Now, you have to download a utility from Intel and switch on the CPU id feature: not that any software or Web sites actually uses the number.

There were two problems with Intel’s CPU id strategy. First, Intel insisted they were merely trying to provide technology that would benefit the consumer and help verify client PCs, but the cynical populous suspected that Intel really desired a way to track stolen chips and spot counterfeits.

Second, Intel didn’t execute the idea well.  People argued that the CPU id as implemented could actually increase fraud rather than cut e-commerce costs.  If e-commerce merchants began to rely on the ID as proof that you really are you, went the argument, then your data could be at risk from thieves who could find a way to have their computer transmit a different number than the one burnt into the Intel microprocessor.

The adverse public reaction seems to have caused them to pause, set up a consortium with Microsoft and others, and seek safety in numbers.  But whatever Intel’s past fumbles, they pale by comparison to Microsoft’s Palladium. Palladium is software that Microsoft says it plans to incorporate in future versions of Windows; it will build on the TCPA hardware, and will add some extra features.

A lot of companies stand to lose out. For example, the European smartcard industry looks likely to be hurt, as the functions now provided by their products migrate into the Fritz chips in your laptop, your PDA and your third generation mobile phones. In fact, much of the information security industry may be upset should TCPA take off.  Other large sections of the information security industry also may become casualties.

All auditors need to analyze the impact of TCPA on their organization and formulate a strategy to deal with it.  You’ll definitely need to develop an implementation plan to ensure a smooth and orderly transition within your organization.  So educate yourself and others.  You can find more information about TCPA at:

TCPA Overview (http://www.trustedcomputing.org/docs/tcpa_layout_v1.3.pdf) or (http://www.trustedpc.org)

TCPA / Palladium Frequently Asked Questions (http://www.cl.cam.ac.uk/users/rja14/tcpa-faq.html)

E-commerce security standard in works (http://zdnet.com.com/2100-11-515926.html?legacy=zdnn)

IBM ThinkPad complies with TCPA security spec (http://www.eetimes.com/sys/news/OEG20020424S0013)

National coprocessor meets TCPA 1.1 spec (http://www.eetasia.com/ART_8800220015.HTM)

Abridged version of a commentary published in EDPACS by Auerbach Publications 2002.

Tell a friend about this page!
Their Name:
Their Email:
Your Name:
Your Email: