The TPM is dead, long live the TEE!


The TPM is dead, long live the TEE!

Anders Rundgren-2
Sort of related to smart cards...


Somewhat unfortunately for Microsoft and Intel, who "bet the house" on TPMs (Trusted Platform Modules), all their competitors in the mobile space, including Google and Apple, have rather settled on embedded TEE (Trusted Execution Environment) schemes, enabling systems like this:

http://www.nasdaq.com/article/samsung-mobilesecurity-platform-to-be-part-of-next-android-20140625-00937

iOS:
http://images.apple.com/iphone/business/docs/iOS_Security_Feb14.pdf

How come the competition didn't buy into the TPM?

TPMs are based on a "one-size-fits-all" API philosophy. Since Intel relies on external vendors supplying TPM components, this (IMHO fairly unwieldy) API must also be standardized, which makes the process of updating TPMs extremely slow and costly.

TEEs OTOH can be fitted at any time with application-specific security APIs, which can be either standardized or entirely proprietary. In fact, even third parties can create new security APIs using GlobalPlatform's TEE!

How about security? Since there is (generally) very little consensus on these matters, I should probably not dive too deep into this :-)

Anders

------------------------------------------------------------------------------
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel

Re: The TPM is dead, long live the TEE!

William Roberts

Apples and oranges comparison. TEE is a privilege level, TPM is a piece of hardware for various crypto, storage, sealing, etc. operations. Intel's platform actually supports more privilege levels than ARM. And having something like a TPM would be nice as TEEs typically need to implement methods to do some of their operations.

On Jul 12, 2014 6:45 PM, "Anders Rundgren" <[hidden email]> wrote:

Re: The TPM is dead, long live the TEE!

Anders Rundgren-2
On 2014-07-14 02:41, William Roberts wrote:
>
> Apples and oranges comparison.
>

Yes, these are indeed entirely different technologies.
However, they are currently addressing the same "problem space".

> TEE is a privilege level, TPM is a piece of hardware for various crypto, storage, sealing, etc. operations. Intel's platform actually supports more privilege levels than ARM. And having something like a TPM would be nice as TEEs typically need to implement methods to do some of their operations.
>

Yes, TEEs implement the methods that the particular OS version needs.

I got hardware-protected keys on my old Android Nexus 7 through an OTA update with Android 4.4!

My brand new Dell XPS-15 that has like "everything" will be stuck with TPM 1.2 during its lifetime. That's lame, very lame.

The reliance on external hardware is probably mainly a relic from the "Palladium" days when HW had less than 1% of the power it has today.

Anders


Re: The TPM is dead, long live the TEE!

NdK-3
On 14/07/2014 05:46, Anders Rundgren wrote:

> The reliance on external hardware is probably mainly a relic from the "Palladium" days when HW had less than 1% of the power it has today.
Speaking of relics: smartcards :)

If it were really possible to have a "one size fits all", the others
would just disappear...
IIUC, TEE just leverages ARM's "runlevels" -- IMVHO it's "quite" like
saying that if crypto is done inside a kernel module at ring 0 then it
has the same security as a smartcard... Sounds wrong, uh?

BYtE,
 Diego.


Re: The TPM is dead, long live the TEE!

Anders Rundgren-2
On 2014-07-14 09:36, NdK wrote:

> On 14/07/2014 05:46, Anders Rundgren wrote:
>
>> The reliance on external hardware is probably mainly a relic from the "Palladium" days when HW had less than 1% of the power it has today.
> Speaking of relics: smartcards :)
>
> If it were really possible to have a "one size fits all", the others
> would just disappear...
> IIUC, TEE just leverages ARM's "runlevels" -- IMVHO it's "quite" like
> saying that if crypto is done inside a kernel module at ring 0 then it
> has the same security as a smartcard... Sounds wrong, uh?

I don't think this comparison is valid.  Smart cards in PCs do not
[generally] support Trusted Path and are thus susceptible to malware:
http://webpki.org/papers/key-access.pdf
iOS doesn't have this problem.

Smart cards offer better protection against physical attacks but I
think that will soon be history as well because a "Security Enclave"
like Apple already have hides keys from bus-monitors, debuggers and
even fairly sophisticated attacks on the chip itself.

Anyway, TPMs as implemented by MSFT/INTL don't offer any smart card
functionality unless you are wrapped around AD (Active Directory).

Anders

Re: The TPM is dead, long live the TEE!

Anders Rundgren-2
In reply to this post by NdK-3
Microsoft's VSC (Virtual Smart Card) management protocol for TPMs:
http://download.microsoft.com/download/9/5/E/95EF66AF-9026-4BB0-A41D-A4F81802D92C/%5BMS-TPMVSC%5D.pdf

Yeah, DCOM was cool some 10 years ago...


Re: The TPM is dead, long live the TEE!

Anders Rundgren-2
In reply to this post by Anders Rundgren-2
TEE vs TPM in practice:

My old Nexus 7 got hardware-protected keys through an OTA update while my new Dell XPS-15 will be stuck with TPM 1.2 during the rest of its life!

