Hardware-based Integrity Protection Flashcards

1
Q

What are the three layers of the protection pyramid?

A

Secure Execution, Secure Storage, Attestation

2
Q

What are the two main security models for hardware-based integrity protection?

A
Static protection -> TPM:
software components (BIOS, boot loader, OS, etc.) are measured one after another and form a hash chain. Idea: if the system starts in a known-good state, it stays secure

Dynamic protection -> Intel SGX:
security is enforced by the CPU at runtime, so a program is protected throughout its execution, not only at boot

3
Q

How does Attestation with a TPM work?

A
  • TPM has platform configuration registers (PCRs)
  • each PCR holds a hash chain over measurements of parts of the software stack: a PCR is only ever extended (PCR_new = H(PCR_old || measurement)), never overwritten, so its value reflects every component measured and the order in which it was measured
  • TPM can later report the PCR values in a quote: it signs them, together with a nonce supplied by the verifier, with a key specific to that TPM -> the verifier compares the values against known-good reference hashes, and the signature can be used as a means of authenticating the platform
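
The measurement chain and quote check described in the two cards above, as an added example (not part of the original card set). The extend rule, PCR_new = SHA-256(PCR_old || SHA-256(measurement)), is what a TPM does; the quote signature is replaced by an HMAC under a constructed key, because a real TPM signs with an RSA or ECC attestation key. The boot component list, the nonce and the key are constructed sample data, not taken from any real platform.

```python
import hashlib
import hmac

# Constructed measurement log: (component, bytes that get measured). Not a real boot log.
GOLDEN_BOOT = [
    ("BIOS", b"bios-firmware-v1.0"),
    ("bootloader", b"grub-2.06"),
    ("kernel", b"vmlinuz-6.1.0"),
]

# Constructed stand-in for the attestation key; a real TPM holds an RSA/ECC AIK.
AIK_SECRET = bytes.fromhex("00" * 31 + "01")


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM extend: PCR_new = H(PCR_old || H(measurement)). The register is never
    overwritten, only extended, so the value encodes every measurement and its order."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()


def compute_pcr(components) -> bytes:
    """Replay a measurement log into a PCR value, starting from the reset value (all zero)."""
    pcr = bytes(32)
    for _name, data in components:
        pcr = pcr_extend(pcr, data)
    return pcr


def tpm_quote(pcr: bytes, nonce: bytes, aik: bytes) -> bytes:
    """Simulated quote: the TPM signs (PCR value || verifier nonce). The nonce proves the
    quote was produced for this challenge and is not a replay from an earlier boot."""
    return hmac.new(aik, pcr + nonce, hashlib.sha256).digest()


def verify_quote(pcr: bytes, nonce: bytes, quote: bytes, golden_pcr: bytes, aik: bytes) -> str:
    """Verifier side: check signature and nonce first, then compare against the reference."""
    expected = hmac.new(aik, pcr + nonce, hashlib.sha256).digest()
    if not hmac.compare_digest(quote, expected):
        return "rejected: bad signature or wrong nonce"
    if not hmac.compare_digest(pcr, golden_pcr):
        return "rejected: software stack differs from reference"
    return "ok"


def attest(booted_components, nonce: bytes, golden_pcr: bytes, aik: bytes = AIK_SECRET) -> str:
    """Whole exchange: platform boots and measures, verifier sends a nonce, TPM quotes,
    verifier checks the quote against its reference PCR value."""
    pcr = compute_pcr(booted_components)
    quote = tpm_quote(pcr, nonce, aik)
    return verify_quote(pcr, nonce, quote, golden_pcr, aik)


if __name__ == "__main__":
    golden = compute_pcr(GOLDEN_BOOT)
    nonce = b"verifier-nonce-0001"
    print("clean boot:     ", attest(GOLDEN_BOOT, nonce, golden))
    tampered = GOLDEN_BOOT[:2] + [("kernel", b"vmlinuz-6.1.0-backdoored")]
    print("modified kernel:", attest(tampered, nonce, golden))
    reordered = [GOLDEN_BOOT[1], GOLDEN_BOOT[0], GOLDEN_BOOT[2]]
    print("same parts, different order:", attest(reordered, nonce, golden))
    # Replay: a quote produced for an old nonce does not verify against a fresh challenge
    old_quote = tpm_quote(golden, b"old-nonce", AIK_SECRET)
    print("replayed quote: ", verify_quote(golden, nonce, old_quote, golden, AIK_SECRET))
```

Note that the verifier learns only that the PCR value differs, not which component changed; to name the culprit it needs the event log that lists each measurement, which is why the reference hashes of every approved component version have to be kept.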
4
Q

Name 3 important TPM keys

A
  • Endorsement key (EK): constitutes the identity of the TPM; generated and certified by the manufacturer at production, used when "taking ownership" of the TPM
  • Storage root key (SRK): root of trust for protecting secrets stored on or sealed by the TPM; other keys are wrapped under it
  • Attestation identity keys (AIKs): used for signing PCR values (quotes) without directly using the endorsement key, so that quotes cannot be linked to the unique EK (privacy!)
5
Q

What are some limitations of TPM?

A
  • a TPM chip is required
  • reference hashes of every approved version of every measured component have to be known and maintained by the verifier; any legitimate update changes the PCR values
  • a trusted third party has to act as verifier (and certify the AIKs), which is a single point of failure
  • starting secure does not necessarily mean staying secure: the measurements describe what was loaded at boot, not what the software does afterwards (e.g. after a runtime exploit)
6
Q

How does Intel SGX realize Secure Execution?

A
  • hardware-enforced protection of a region of program memory, the so-called enclave
  • enclaves are signed by their developer; at enclave creation the CPU measures the loaded code and data and verifies the measurement against the signed value
  • enclave memory can never be read or written from outside the enclave, not even by the OS or hypervisor
  • production enclaves cannot be debugged (a debug-mode enclave can be, so a verifier must check that flag before trusting one)
7
Q

How does Intel SGX realize Secure Storage?

A
  • CPU-enforced encryption of enclave data
  • enclave memory is encrypted, integrity-protected and replay-protected whenever it leaves the CPU package
  • memory encryption keys are regenerated on every power cycle, so a key from one boot is useless afterwards
  • for persistent storage, data is sealed: encrypted under a key the CPU derives for that enclave's identity (MRENCLAVE or MRSIGNER), so only an enclave with that identity can unseal it
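
SGX's persistent form of secure storage is sealing: the enclave asks the CPU for a key derived from the CPU's own secret and the enclave's identity, and encrypts its data under it. The following added example (not the cards' text and not Intel SDK code) simulates that derivation with HMAC-SHA256 in place of the CPU's internal key derivation, and an encrypt-then-MAC construction built from SHA-256 stands in for the AES-GCM an SDK would use. The CPU secret, the measurements and the data are constructed values. It goes one step beyond the card to show what the two key policies mean in practice: a rebuilt enclave (new MRENCLAVE, same signer) can unseal MRSIGNER-bound data but not MRENCLAVE-bound data, and an enclave from another signer can unseal neither.

```python
import hashlib
import hmac
import os

# Constructed stand-in for the secret fused into the CPU; in reality it never leaves the processor.
CPU_SECRET = hashlib.sha256(b"constructed cpu secret").digest()

# Key policies an enclave can request (SGX KEYPOLICY, simplified to two choices).
MRENCLAVE_POLICY = 0   # key bound to this exact enclave build
MRSIGNER_POLICY = 1    # key bound to the signing identity; survives rebuilds and updates

# Constructed identities: two builds by signer A, and a third enclave by signer B.
SIGNER_A = hashlib.sha256(b"signer A public key").digest()
SIGNER_B = hashlib.sha256(b"signer B public key").digest()
BUILD_1 = hashlib.sha256(b"enclave build 1 by A").digest()
BUILD_2 = hashlib.sha256(b"enclave build 2 by A").digest()
BUILD_X = hashlib.sha256(b"enclave by B").digest()

NONCE_LEN, TAG_LEN = 16, 32


def derive_seal_key(policy, mrenclave, mrsigner, cpu_secret=CPU_SECRET):
    """Simulated EGETKEY: mix the CPU secret with the identity the policy selects.
    Only an enclave presenting the same identity on the same CPU obtains the same key."""
    identity = mrenclave if policy == MRENCLAVE_POLICY else mrsigner
    return hmac.new(cpu_secret, bytes([policy]) + identity, hashlib.sha256).digest()


def _keystream(key, nonce, length):
    """SHA-256 in counter mode; toy substitute for the AES-GCM an SDK would use."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def _subkeys(seal_key):
    """Separate encryption and MAC keys from the one sealing key."""
    return (hashlib.sha256(b"enc" + seal_key).digest(),
            hashlib.sha256(b"mac" + seal_key).digest())


def seal(policy, mrenclave, mrsigner, plaintext):
    """Encrypt-then-MAC under the derived key. The blob can live on untrusted disk.
    Layout: policy(1) || nonce(16) || tag(32) || ciphertext."""
    enc_key, mac_key = _subkeys(derive_seal_key(policy, mrenclave, mrsigner))
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, bytes([policy]) + nonce + ct, hashlib.sha256).digest()
    return bytes([policy]) + nonce + tag + ct


def unseal(blob, mrenclave, mrsigner):
    """Called inside the enclave that wants its data back. Returns None when the identity
    yields a different key (wrong build or wrong signer) or the blob was tampered with."""
    policy = blob[0]
    nonce = blob[1:1 + NONCE_LEN]
    tag = blob[1 + NONCE_LEN:1 + NONCE_LEN + TAG_LEN]
    ct = blob[1 + NONCE_LEN + TAG_LEN:]
    enc_key, mac_key = _subkeys(derive_seal_key(policy, mrenclave, mrsigner))
    expected = hmac.new(mac_key, bytes([policy]) + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


if __name__ == "__main__":
    secret = b"database credential kept only inside the enclave"
    by_build = seal(MRENCLAVE_POLICY, BUILD_1, SIGNER_A, secret)
    by_signer = seal(MRSIGNER_POLICY, BUILD_1, SIGNER_A, secret)
    print("same build,   MRENCLAVE policy:", unseal(by_build, BUILD_1, SIGNER_A) == secret)
    print("new build,    MRENCLAVE policy:", unseal(by_build, BUILD_2, SIGNER_A))
    print("new build,    MRSIGNER policy: ", unseal(by_signer, BUILD_2, SIGNER_A) == secret)
    print("other signer, MRSIGNER policy: ", unseal(by_signer, BUILD_X, SIGNER_B))
```

The trade-off the example makes visible: MRENCLAVE-bound sealing locks data to one build, so every update must migrate sealed state, while MRSIGNER-bound sealing lets any enclave the same key signed read it, including an older, vulnerable version if downgrade is not otherwise prevented.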
8
Q

How does Intel SGX realize Attestation?

A
  • SGX generates unforgeable proofs (reports and quotes) about the enclave in question
  • proofs carry the enclave's measurement (MRENCLAVE), its signer (MRSIGNER), its attributes (e.g. whether it runs in debug mode) and 64 bytes of enclave-supplied data that can bind the proof to a verifier's challenge or to a key
  • proofs can be requested by local processes (a report, checked with a key only the CPU and the target enclave can derive) or by remote parties (a quote, signed by Intel's quoting enclave)
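
The verifier's side of the attestation described above, as an added example that is neither the cards' text nor Intel SDK code. The report layout is a simplified version of an SGX REPORT body (MRENCLAVE, MRSIGNER, ATTRIBUTES flags, REPORT_DATA); the CPU's report-key MAC is simulated with HMAC-SHA256 under a constructed key, where a real remote quote would carry a signature from Intel's quoting enclave instead. The measurements, nonce, public key and key material are constructed. It shows the three checks a relying party must not skip: the MAC (or signature), the DEBUG attribute, and the binding of REPORT_DATA to the verifier's own challenge.

```python
import hashlib
import hmac
import struct

# Constructed stand-in for the CPU report key (only the CPU and the target enclave can derive it).
REPORT_KEY = hashlib.sha256(b"constructed report key").digest()

# Simplified ATTRIBUTES.FLAGS: in SGX the DEBUG bit is bit 1 of the flags word.
ATTR_INIT = 1 << 0
ATTR_DEBUG = 1 << 1

# Simplified layout (a real REPORT body has more fields than these four).
BODY_LEN = 32 + 32 + 8 + 64   # MRENCLAVE || MRSIGNER || flags (u64) || REPORT_DATA
MAC_LEN = 32

# Constructed identities used by the demo and the verifier's allowlist.
TRUSTED_MRENCLAVE = hashlib.sha256(b"trusted enclave build").digest()
VENDOR_MRSIGNER = hashlib.sha256(b"vendor signing key").digest()
OTHER_MRENCLAVE = hashlib.sha256(b"some other enclave build").digest()


def build_report(mrenclave, mrsigner, flags, report_data, report_key=REPORT_KEY):
    """Simulated EREPORT: the CPU emits the enclave's identity plus 64 bytes the enclave
    chose, MACed so the target can check it was produced on this CPU for this enclave."""
    assert len(mrenclave) == 32 and len(mrsigner) == 32 and len(report_data) == 64
    body = mrenclave + mrsigner + struct.pack("<Q", flags) + report_data
    return body + hmac.new(report_key, body, hashlib.sha256).digest()


def challenge_digest(nonce, enclave_pubkey):
    """What the enclave places in REPORT_DATA: a hash of the verifier's nonce and the key
    it wants to establish, so the proof is fresh and tied to that key. Padded to 64 bytes."""
    return hashlib.sha256(nonce + enclave_pubkey).digest().ljust(64, b"\x00")


def verify_report(report, nonce, enclave_pubkey, allowed_mrenclaves, report_key=REPORT_KEY):
    """Relying party: every check must pass before anything the enclave says is trusted."""
    if len(report) != BODY_LEN + MAC_LEN:
        return "rejected: malformed report"
    body, mac = report[:BODY_LEN], report[BODY_LEN:]
    if not hmac.compare_digest(mac, hmac.new(report_key, body, hashlib.sha256).digest()):
        return "rejected: MAC check failed (not produced by this CPU)"
    mrenclave = body[0:32]
    flags = struct.unpack("<Q", body[64:72])[0]
    report_data = body[72:136]
    if flags & ATTR_DEBUG:
        return "rejected: debug enclave (its memory can be read by a debugger)"
    if mrenclave not in allowed_mrenclaves:
        return "rejected: unknown enclave measurement"
    if not hmac.compare_digest(report_data, challenge_digest(nonce, enclave_pubkey)):
        return "rejected: REPORT_DATA not bound to this challenge"
    return "ok"


if __name__ == "__main__":
    nonce, pub = b"nonce-42", b"enclave ephemeral public key"
    allow = {TRUSTED_MRENCLAVE}
    good = build_report(TRUSTED_MRENCLAVE, VENDOR_MRSIGNER, ATTR_INIT, challenge_digest(nonce, pub))
    print("genuine production enclave:", verify_report(good, nonce, pub, allow))
    dbg = build_report(TRUSTED_MRENCLAVE, VENDOR_MRSIGNER, ATTR_INIT | ATTR_DEBUG, challenge_digest(nonce, pub))
    print("same code, debug build:    ", verify_report(dbg, nonce, pub, allow))
    print("replayed with old nonce:   ", verify_report(good, b"other-nonce", pub, allow))
    other = build_report(OTHER_MRENCLAVE, VENDOR_MRSIGNER, ATTR_INIT, challenge_digest(nonce, pub))
    print("unknown enclave:           ", verify_report(other, nonce, pub, allow))
```

The debug check is the one most often forgotten: a debug enclave has the same MRENCLAVE as the production build of the same code, so an allowlist on the measurement alone would accept it even though its memory is readable with a debugger.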
9
Q

What are some limitations of SGX?

A
  • doesn't address bugs in the enclave code itself, such as buffer overflows: a vulnerable enclave can still be exploited through its own interface
  • enclave code is not confidential: the enclave binary is loaded in plaintext and measured, so the code is retrievable; only the data inside the running enclave is protected
  • side-channel attacks (cache timing, page faults, speculative execution) are possible
  • remote attestation via EPID requires registration with Intel's attestation service