PALLADIUM CRYPTOGRAPHY

Seminar Report

Submitted By Disha Makkar

Reg. No: 090907185 Section: D

Department of Electronics and Communication Engineering MANIPAL INSTITUTE OF TECHNOLOGY (A Constituent Institute of Manipal University) MANIPAL-576 104

September 2012 Abstract

Todays personal computing environment has advanced in terms of privacy and security, while maintaining a significant amount of backward compatibility. However the evolution of a shared, open network has created new problems and requirements for trustworthy computing. As the personal computer grows more central to our lives at home, work and school, consumers and business customers alike are increasingly aware of privacy and security issues. Palladium is the code name for an evolutionary set of features for the Microsoft Windows Operating system. When combined with a new breed of hardware and applications, these features will give individuals and groups of users greater data security, personal privacy and system integrity. Palladium provides a solid basis for the users trust: a foundation on which privacy-and security-sensitive software can be built. There are many reasons why Palladium will be of advantage to users. Among these are enhanced, practical user control; the emergence of new server/service models and potentially new peer-to-peer or fully peer-distributed service models.

LIST OF TABLES

Table No

Table Title

Page No

LIST OF FIGURES

Figure No 1 2

Figure Title A Palladium based PC Next-Generation Secure Computing Base (NGSCB) architecture

Page No

Contents
Abstract List Of Figures List Of Tables Chapter 1 INTRODUCTION 1.1 1.2 1.3 BACKGROUND THEORY and/or LITERATURE REVIEW 2.1 2.2 METHODOLOGY 3.1 3.2 RESULT ANALYSIS 4.1 4.2 CONCLUSION AND FUTURE SCOPE 5.1 5.2 i ii iii

Chapter 2

Chapter 3

Chapter 4

Chapter 5

Work Conclusion Future Scope of Work

REFERENCES ANNEXURES (OPTIONAL)

CHAPTER 1 INTRODUCTION
The Next-Generation Secure Computing Base(NGSCB), formerly known as Palladium, is a software architecture designed by Microsoft which is expected to implement "Trusted Computing" concept on future versions of the Microsoft Windows operating system. Palladium is part of Microsoft's Trustworthy Computing initiative. Microsoft's stated aim for palladium is to increase the security and privacy of computer users. Palladium involves a new breed of hardware and applications in along with the architecture of the Windows operating system. Designed to work side-by-side with the existing functionality of Windows, this significant evolution of the personal computer platform will introduce a level of security that meets the rising customer requirements for data protection, integrity and distributed collaboration. It's designed to give people greater security, personal privacy and system integrity. Internet security is also provided by palladium such as protecting data from virus and hacking of data In addition to new core components in Windows that will move the Palladium effort forward, Microsoft is working with hardware partners to build Palladium components and features into their products. The new hardware architecture involves some changes to CPUs which are significant from a functional perspective. There will also be a new piece of hardware called for by Palladium that you might refer to as a security chip. It will provide a set of cryptographic functions and keys that are central to what we're doing. There are also some associated changes under the chipset, and the graphics and I/O system through the USB portall designed to create a comprehensive security environment. "Palladium" is the code name for an evolutionary set of features for the Microsoft Windows operating system. When combined with a new breed of hardware and applications,"Palladium" gives individuals and groups of users greater data security, personal privacy and system integrity. Designed to work side-by-side with the existing functionality of Windows, this significant evolution of the personal computer platform will introduce a level of security that meets the rising customer requirements for data protection, integrity and distributed collaboration.

CHAPTER 2 THE CHALLENGE

The evolution of a shared, open network ( the internet) has created new problems and requirements for trustworthy computing. As the personal computer grows more central to our lives, we are increasingly aware of our privacy and security issues. Now, the pressure is on for industry leaders to take the following actions: Build solutions that will meet the pressing need for reliability and integrity. Make improvements to the personal computer such that it can more fully reach its potential and enable a wider range of opportunities Give customers and content providers a new level of confidence in the computer experience Continue to support backward compatibility with existing software and user knowledge that exists with Windows systems today. Together, industry leaders must address these critical issues to meet the mounting demand for trusted computing while preserving the open and rich character of current computer functionality.

THE SOLUTION: "Palladium" is the code name for an evolutionary set of features for the Microsoft Windows operating system. When combined with anew breed of hardware and applications, "Palladium" gives individuals and groups of users greater data security, personal privacy and system integrity. Designed to work side-by-side with the existing functionality-of Windows, this significant evolution of the personal computer platform will introduce a level of security that meets the rising customer requirements for data protection, integrity and distributed collaboration. Users implicitly trust their computers with more of their valuable data every day. They also trust their computers to perform more and more important financial, legal and other transactions.

Palladium provides a solid basis for this trust: a foundation on which privacy and securitysensitive software can be built. There are many reasons why "Palladium" will be of advantage to users. Among these are enhanced, practical user control; the emergence of new server/service models; and potentially new peer-to-peer or fully peer-distributed service models. The fundamental benefits of "Palladium" fall into three chief categories: greater system integrity,superior personal privacy and enhanced data security. These categories are illustrated in Figure 1.

figure 1. A Palladium based PC

CHAPTER 3 CORE PRINCIPLES OF PALLADIUM

Palladium is not a separate operating system. It is based in architectural enhancements to the windows kernel and to computer hardware, including the CPU, peripherals and chipsets, to create a new trusted execution subsystem Palladium will not eliminate any features of windows that users have come to rely on; everything that runs today will continue to run with palladium. It is important to note that while todays applications and devices will continue to work in palladium, they will gain little to no benefit from palladium environment or new applications must be written. In addition, palladium does not change what can be programmed or run on the computing platform. Palladium will operate with any program the user specifies while maintaining security. Types of Data Threats: INTRUDERS: In security literature people who are nosing around places where they have no business being are called intruders or sometimes adversaries. Intruders can be broadly divided as passive and active. Passive intruders just want to read the files they are not authorized to. Active intruders are more malicious and intend to make unauthorized changes to data. Some of the common activities indulged by intruders are: Casual Prying: non-technical users who wish to read other peoples e-mail and private files mostly do this. Snooping: This term refers to the breaking of the security of a shared computer system or a server. Snooping is generally done as a challenge and is not aimed at stealing or tampering of confidential data. Commercial Espionage: This refers to the determined attempts to make money using secret data. For example an employee in an organization can secure sensitive data and sell it away to rival companies for monetary gains. It is very important that potential intruders (and their corresponding activities) are taken into consideration before devising a security system. This is essential as the level of threat and intended damage differ from one to another.

VIRUS: Basically a virus is a piece of code that replicates itself and usually does some damage. In a sense the writer of a virus is also an intruder, often with high technical skills. In the same breath it must be said that a virus need not always be intentional and can simply be a code with disastrous run time errors. The difference between a conventional intruder and a virus is that the former refers to person who is personally trying to break into a system to cause damage whereas the latter is a program written by such a person and then released into the world hoping it causes damage. The most common types of viruses are: executable program viruses, memory resident viruses, boot sector viruses, device driver viruses, macro viruses, source code viruses, Trojan horses etc. Overview of present data security systems compare tcpaCryptography: Cryptography is the method in which a message or file, called plain text, is taken and encrypted into cipher text in such a way that only authorized people know how to convert it back to plane text. This is done commonly in four ways: Secret key cryptography, public key cryptography, one way function cryptography and digital signatures. Unless the encryption technique used is very complex it is possible, with some effort, for crackers to decrypt files. User authentication: It is a method employed by the operating system or a program of a computer to determine the identity of a user. Types of user authentication are: Authentication using passwords, authentication using physical objects (like smart cards, ATM cards etc.), authentication using biometrics (like Finger prints, retinal pattern scan, signature analysis, voice recognition etc.). Inherent problems of user authentication are password cracking, duplication of physical objects and simulation of biometrics by artificial objects. Anti-virus software: an anti virus software scans every executable file on a computers disk looking for viruses known in its database. It then repairs, quarantines or deletes an infected files. However a clever virus can infect the anti-virus software itself. Some of the popular anti-virus soft wares are Norton, PCcillin, MCcafee etc. Firewalls: it is a method of preventing unauthorized access to a computer system often found in network computes. A firewall is designed to provide normal service to authorized users while at the same time preventing unauthorized users from gaining access to the system. In reality they add a level of inconvenience to legal users and their ability to control illegal access may be questionable.

CHAPTER 4 ASPECTS OF PALLADIUM

Palladium comprises two key components: hardware and software. Hardware Components Engineered for ensuring the protected execution of applications and processes, the protected operating environment provides the following basic mechanisms: Trusted space (or curtained memory): This is an execution space is protected form external software attacks such as a virus. Trusted space is set up and maintained by the nexus and has access to various services provided by palladium, such as sealed storage. In other words it is protected R.A.M.

Sealed storage: Sealed storage is an authenticated mechanism that allows a program to store secrets that cannot be retrieved by non-trusted programs such as a virus or Trojan horse. Information in sealed storage cant be read by other non trusted programs (sealed storage cannot be read by unauthorized secure programs, for that matter, and cannot be read even if another operating system is booted or the disk is carried to another machine.) these stored secrets can be tied to the machine, the nexus or the application. Palladium will also provide mechanisms for the safe and controlled backup and migration of secrets to other machines. In other words it is a secured and encrypted part of the hard disk. Secure input and output: A secure path from the keyboard and mouse to palladium applications and a secure path from palladium applications to the screen ensure input-output security. Attestation: Attestation is a mechanism that allows the user to reveal selected characteristics of the operating environment to external requesters. In reality it takes the form of an encryption co-processor. It is entrusted with the job of encryption and decryption of data to and from the sealed storage.These basic mechanisms provide a platform for building distributed trusted software.

Software components The following are the software components of palladium: Nexus (a technology formerly referred to as the trusted operating root (TOR)): This component manages trust functionality for palladium user-mode processes (agents). The nexus executes in kernel mode in the trusted space. It provides basic services to trusted agents, such as the establishment of the process mechanisms for communicating with trusted agents and other applications, and special trust services such as attestation of requests of requests and the sealing and unsealing of secrets. Trusted agents: A trusted agent is a program, a part of a program, or a service that runs in user mode in the trusted space. A trusted agent calls the nexus for securityrelated services and critical general services such as memory management. A trusted agent is able to store secrets using sealed storage and authenticates itself using the attestation services of the nexus. One of the main principles of trusted agents is that they can be trusted or not trusted by multiple entities, such as the user, an IT department, a merchant or a vendor. Each trusted agent or entity controls its own sphere of trust and they need not trust or rely on each other. Together, the nexus and trusted agents provide the following features: Trusted data storage, encryption services for applications to ensure data integrity and protection. Authenticated boot, facilities to enable hardware and software to authenticate itself.

figure 2. Next-Generation Secure Computing Base(NGSCB) architecture

Working of Palladium Palladium is a new hardware and software architecture. This architecture will include a new security computing chip and design changes to a computers central processing unit (CPU), chipsets, and peripheral devices, such as keyboards and printers. It also will enable applications and components of these applications to run in a protected memory space that is highly resistant to tempering and interference. The pc-specific secret coding within palladium makes stolen files useless on other machines as they are physically and cryptographically locked within the hardware of the machine. This means software attacks cant expose these secrets. Even if a sophisticated hardware attack were to get at them, these core system secrets would only be applicable to the data within a single computer and could not be used on other computes. Protection Using Palladium Palladium prevents identity theft and unauthorized access to personal data on the users device while on the internet and on other networks. Transactions and processes are verifiable and reliable through the attestable hardware and software architecture and they cannot be imitated. With palladium, a systems secrets are locked in the computer and are only revealed on terms that the user has specified. In addition, the trusted user interface prevents snooping and impersonation. The user controls what is revealed and can separate categories of data on a single computer into distinct realms. Like a set of vaults, realms provide the assurance of separability. With distinct identifiers, policies and categories of data for each, realms allow a user to have a locked-down work environment and fully open surfing environment at the same time, on the same computer. Finally, the palladium architecture will enable a new class of identity service providers that can potentially offer users choices for how their identities are represented in online transactions. These service providers can also ensure that the user is in control of policies for how personal information is revealed to others. In addition, palladium will allow users to employ identity service providers of their own choice. From the perspective of privacy ( and anti-virus protection), one of the key benefits of palladium is the ability for users to effectively delegate certification of code. Anyone can certify palladium hardware or software, and it is expected that many companies and organizations will offer this service. Allowing multiple parties to independently evaluate and certify palladium capable systems means that users will be able to obtain verification of the systems operation from organizations that they trust. In addition, this will form the basis for a strong business incentive to preserve and enhance privacy and security. Moreover, palladium allows any number of trusted internal or external entities to interact with a trusted component or trusted platform.

Comparison of TCPA and Palladium TCPA stands for Trusted Computing Platform Alliance, an initiative led by Intel. Their stated goal is a new computing platform for the next century that will provide for improved trust in the PC platform. Palladium is software that Microsoft says it plans to incorporate in future versions of Windows; it will build on the TCPA hardware and will add some new features. The TCPA and Palladium rely on the addition to the hardware of normal PCs. While Palladium calls for more extensive changes, the modifications are remarkably similar. Both call for a new chip to be placed on the motherboard of all future computers. The chip would include new encryption functions as well as a small amount of memory that would act as a digital vault to store important keys to decrypt protected data. The TCPA refers to the chip as the Trusted Platform Module, a successor to the Intels processor. Microsoft refers to the hardware components of Palladium as Secure Cryptographic Coprocessor or SCP.

CHAPTER 5 CONCLUSION AND FUTURE SCOPE OF WORK

ADVANTAGES OF PALLADIUM Block Malicious Code One of the more promising aspects that Palladium will bring to end-users is the ability to authenticate the programs they use. A user will allow certain applications access to resources. Originally, it was thought that Palladium would not permit unauthorized code to run on a system; therefore it would stop the execution of programs like viruses. Recently,however, Microsoft has backed off these claims about Palladium. Now it simply claims that Palladium will provide a secure execution environment for anti-virus programs (MS Palladium Technical FAQ). The benefit of a secure environment is that viruses and other malicious code cannot alter the behaviour of a Palladium-enabled anti-virus program. Microsoft has decided that legacy support for existing Windows applications is important enough so as not to require all programs to be rewritten for Palladium. This means that existing programs and viruses will still run on a Palladium system. The implied benefit to Palladium, aside from the added protection to anti-virus programs, is the increased authentication with new Palladium enabled programs. If Palladium proliferates as Microsoft hopes, there will come a time when legacy support will not be important any more, and unauthorized programs will not be run. It appears as though this is the first step on the way to that idea. Digital Right Management The digital rights management (DRM) potential with a Palladium system is what content producers and distributors are interested with. Digital rights management has to do with controlling whom and how long content is distributed. Microsoft touts Palladium as being independent of any existing DRM technology today (MS Palladium Technical FAQ).On the other hand, it acknowledges that Palladium systems are being designed to coincide with DRM technologies to help content developers (MS Palladium Technical FAQ). A Palladium system is supposed to make it easier for individual users to implement DRM on their own personal data. For example, a user may set up a vault containing credit card information. Palladium would allow the user to set up a group of trusted agents that would have access to all or certain parts of that data. Along with data, Palladium promises to give users the option to regulate time interval that data is available to the trusted agents they have specified.

Digital rights management(DRM) is a generic term for access control technologies that can be used on the usage of digital content and devices. The term is used to describe any technology that inhibits uses of digital content not desired or intended by the content provider. The term does not generally by hardware manufacturers, publishers,copyright holders and individuals to impose limitations refer to other forms of copy protection which can be circumvented without modifying the file or device, such as serial numbers or key files. It can also refer to restrictions associated with specific instances of digital works or devices. Digital rights management is used by companies such as Sony, Apple Inc., Microsoft, AOL and the BBC. Digital rights management (DRM) is a systematic approach to copyright protection for digital media. The purpose of DRM is to prevent unauthorized redistribution of digital media and restrict the ways consumers can copy content they've purchased. DRM products were developed in response to the rapid increase in online piracy of commercially marketed material, which proliferated through the widespread use of peer-to-peer file exchange programs. Typically DRM is implemented by embedding code that prevents copying,specifies a time period in which the content can be accessed or limits the number of devices the media can be installed on. Although digital content is protected by copyright laws, policing the Web and catching law-breakers is very difficult. DRM technology focuses on making it impossible to steal content in the first place, a more efficient approach to the problem than the hit-and-miss strategies aimed at apprehending online poachers after the fact.

DISADVANTAGES OF PALLADIUM Upgrades In order to take advantage of what Palladium is supposed to offer, users will have to upgrade both their current operating systems and hardware. The next version of Windows, due out in 2012 Q-4, will need hardware support for Palladium features to work at all (MS Palladium Technical FAQ). It is unclear at this point whether the next major Windows release will run on non-Palladium compatible hardware. The central processing unit will have to support the trusted execution mode that Palladium offers. It is clear that future motherboards will need to contain the security chip for Palladium to run properly (MS Palladium Technical FAQ). More upgrades may be of concern in the area of graphic hardware and peripherals such as keyboards and mice because of the encryption in between these hardware devices and the software they are interacting with. Inter probability Palladium has received wide criticism for being a so-called General Public License(GPL) killer (Anderson). Now, Microsoft clearly states that the Palladium-enabled operating system will be able to co-exist with any Linux based system, just as their operating systems do today. The question that comes to mind is, will that change with wide spread adoption of the Palladium architecture? For example, if a bank switches over to exclusively Palladium systems, would customers of that bank who dont run Palladium systems be able to use the banks services? Palladium is not a direct attack on GPL or Linux based system, but is an attempt to change the rules of the names. Legacy Programs By Microsofts own admission, the Palladium-enabled operating system will not have perfect legacy support (MS Palladium Technical FAQ). All existing debuggers will need to be updated in order to work under Palladium. Performance tools that monitor operating system or user processes will need to be updated. Any memory dump software will not work correctly without changes to support Palladium. Hibernation features of motherboards will need to be updated as well. Memory scrub routines, at the hardware level,will need to be rewritten to accommodate Palladium. The reason for all of these updates is the trusted agent policy that Palladium enforces. No program is allowed to invade the execution space for any other program. In the case of a debugger, it will need special permission from the operating system to monitor the execution space of the target program. Even software developed for the TCPA specification will need to be rewritten if it tries to directly write to any TCPA hardware. This description of incompatible legacy programs is by no means comprehensive; it is simply what Microsoft is disclosing at this time (MS Palladium Technical FAQ).

CONCLUSION Today, IT managers face tremendous challenges due to the inherent openness of end-user machines, and millions of people simply avoid some online transactions out of fear. However, with the usage of "Palladium" systems, trustworthy, secure interactions will become possible. This technology will provide tougher security defences and more abundant privacy benefits than ever before. With "Palladium," users will have unparalleled power over system integrity, personal privacy and data security. Independent software vendors (ISVs) that want their applications to take advantage of "Palladium" benefits will need to write code specifically for this new environment a new generation of "Palladium"- compatible hardware and peripherals will need to be designed and built. The "Palladium" development process will require industry wide collaboration. It can only work with broad trust and widespread acceptance across the industry, businesses and consumers."Palladium" is not a magic bullet. Clearly, its benefits can only be realized if industry leaders work collaboratively to build "Palladium"compatible applications and systems and then only if people choose to use them. But the "Palladium" vision endeavours to provide the trustworthiness necessary to enable businesses, governments and individuals to fully embrace the increasing digitization of life. The Internet and the proliferation of digital content have sparked the need for more privacy and security of data. The looming question whenever anyone talks about security and privacy is: for whom? Palladium certainly gives digital content 16providers the control over their product that they have wanted for a long time. In recent months, Microsoft has clearly emphasized the benefits that the marriage of Palladium and DRM can bring to end-users. Microsoft claims that users will have complete control of their personal information. The Palladium-enabled operating system isnt due for at least another year. It could take months after the initial release for anyone to feel its effects.

REFERENCES
Journal / Conference Papers [1] Felten.W. Understanding trusted computing: will its benefits outweigh its drawbacks?, Volume: 1, Issue: 3 ,Publication Year: 2003 , Page(s): 60- 62 [2] Hachman M.,and Rupley S. Microsoft's Palladium: A New Security Initiative. 25Jun. 2002. ExtremeTech Online. 5 Jan 2003 Reference / Hand Books [1] Modern Operating Systems by Andrew. S. Tanenbaum Web [1] Details about Palladium on the web site Microsoft.com [2] White paper on Microsoft Palladium by Electronic Privacy Information Centre