Slashdot Mirror


Controversial Security Paper Nixed From Black Hat

coondoggie writes us with a link to the Network World site, as he tends to do. Today he offers an article discussing the cancellation of a presentation which would have undermined chip-based security on PCs. Scheduled during the Black Hat USA 2007 event, the event's briefing promised to break the Trusted Computing Group's module, as well as Vista's BitLocker. Live demos were to be included. The presenters pulled the event, and have no interest in discussing the subject any more. "[Presenters Nitin and Vipin Kumar's] promised exploit would be a chink in the armor of hardware-based system integrity that [trusted platform module] (TPM) is designed to ensure. TPM is also a key component of Trusted Computing Group's architecture for network access control (NAC). TPM would create a unique value or hash of all the steps of a computer's boot sequence that would represent the particular state of that machine, according to Steve Hanna, co-chair of TCG's NAC effort."

7 of 144 comments

  1. Re:I hope it's published anyway by Anonymous Coward · · Score: 3, Informative

    The whole point of the design, almost the whole reason for having the hardware in the first place, is that you can't virtualize it. Neither a VM nor a computer without the chip can impersonate a computer with the chip, because they don't have the signed crypto keys which are (supposedly unextractably) embedded in the chip. It doesn't help if your VM is running inside a TC computer, because the TC device won't see the computer as running trusted software (it'll see the hypervisor, which will NOT be trusted unless it propagates the TCPA regime into the virtual system, which is what you're trying to avoid). So the chip won't attest to the VM's trustworthiness, and the VM can't do that for itself.

  2. Nitin and Vipin Kumar are the creators of VBootkit by I)_MaLaClYpSe_(I · · Score: 4, Informative

    Nitin and Vipin Kumar are the creators of VBootkit and they were covered previously on Slashdot here: VBootkit Bypasses Vista's Code Signing.

  3. Re:DMCA anyone? by ajs318 · · Score: 2, Informative

    The point is that with something like public-key encryption using an Open Source algorithm, the only thing that has to be kept secret, and does not even have to be shared with the other party, is the decryption key. And you can prove that (if you've studied enough maths). You are in total charge of the only thing that needs to be kept secret for your communications to be secure.

    Whereas, with something like Skype -- which uses a closed-source implementation of christ-knows-what algorithm and handles its own key generation -- there's no way to be sure exactly what needs to be kept secret, or even who else knows it (without reading and understanding the Source Code, you can't be sure that the decryption key is not being made available to anyone else). That's "security by obscurity": someone other than you is in charge of the secrets.

    --
    Je fume. Tu fumes. Nous fûmes!

  4. Re:How could a presentation "undermine" security? by _Sprocket_ · · Score: 3, Informative

    What is more likely to happen? These guys getting silenced and quietly removing their presentation or these guys figuring out they were wrong and quietly removing their presentation.


    While I definitely agree that it's very plausible the researchers simply discovered that they goofed, I would also note that there is historical precedent for other motivations.

  5. Re:I hope it's published anyway by IgnoramusMaximus · · Score: 2, Informative

    Except that there is no way for software to determine whether or not it is running in a virtualised environment. (If there was, that would indicate your virtualisation is not being done right.) Your virtual environment just has to listen for the challenges and send the correct responses. And you can know, by examining the software which is running within the virtualised environment, exactly what response it is expecting.

    You misunderstand the way the TPM works. TPM chip computes a running checksum of a number of hardware CPU operations, such as memory access and/or sequence of instructions executed. Then a software in your VM will be asked to return to the remote party requesting attestation a digest value based on a random number sent to you by the other party and then run through the TPM chip. The VM has no access to the internals of the TPM chip (it is an opaque black box as far as the CPU is concerned) and thus cannot compute the correct response. Only the TPM chip can, which it will refuse to do since your running of the VM has altered the "one and only" sequence of instructions/memory accesses that the TPM continuously monitors.

    In other words, TPM is specifically designed to defeat virtualization as the virtualized environment does not have sufficient data to recreate the correct responses, only the raw hardware, executing instructions under the supervision of the TPM chip, has.
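
Added example, not part of the Slashdot thread or any poster's code: a minimal Python model of the boot-sequence hash that Steve Hanna describes in the summary and of the random-number challenge discussed in the comments above. It uses the TPM 1.2 PCR extend rule (SHA-1 over the old register value plus the new measurement); `ToyTPM`, the component names, the key and the HMAC standing in for the chip's asymmetric attestation signature are assumptions made for illustration.

```python
import hashlib
import hmac
import os

PCR_SIZE = 20  # SHA-1 digest length, the PCR width in TPM 1.2

def extend(pcr: bytes, component: bytes) -> bytes:
    """PCR extend: new = SHA1(old || SHA1(component)); one-way and order-sensitive."""
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()

def measure_boot(components) -> bytes:
    """Fold each boot stage, in order, into a register that starts as zeroes."""
    pcr = bytes(PCR_SIZE)
    for component in components:
        pcr = extend(pcr, component)
    return pcr

class ToyTPM:
    """Hypothetical model: the key stays inside and the PCR can only be extended."""
    def __init__(self, key: bytes):
        self._key, self._pcr = key, bytes(PCR_SIZE)

    def extend(self, component: bytes) -> None:
        self._pcr = extend(self._pcr, component)

    def quote(self, nonce: bytes):
        # Assumption: HMAC stands in for the asymmetric attestation-key signature.
        return self._pcr, hmac.new(self._key, nonce + self._pcr, hashlib.sha1).digest()

def boot(key: bytes, chain) -> ToyTPM:
    tpm = ToyTPM(key)
    for component in chain:
        tpm.extend(component)
    return tpm

def verify(key, nonce, expected_pcr, pcr, tag) -> bool:
    """Accept only a fresh, authentic quote whose PCR equals the known-good value."""
    good = hmac.new(key, nonce + pcr, hashlib.sha1).digest()
    return hmac.compare_digest(tag, good) and hmac.compare_digest(pcr, expected_pcr)

def demo() -> dict:
    key = b"constructed-demo-key"  # constructed sample values throughout
    trusted = [b"firmware", b"bootloader", b"kernel"]
    virtualised = [b"firmware", b"bootloader", b"hypervisor", b"kernel"]
    expected, out = measure_boot(trusted), {}
    for name, chain in (("trusted", trusted), ("hypervisor", virtualised)):
        nonce = os.urandom(20)
        out[name] = verify(key, nonce, expected, *boot(key, chain).quote(nonce))
    old_nonce = os.urandom(20)
    old_quote = boot(key, trusted).quote(old_nonce)
    out["replay"] = verify(key, os.urandom(20), expected, *old_quote)  # stale quote
    out["no_key"] = verify(key, old_nonce, expected, expected, bytes(PCR_SIZE))
    return out
```
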

  6. Re:Reason for pull? by luckysam · · Score: 2, Informative

    There is no conspiracy... The presenters' visa to enter the USA has been under FBI name check for over a year ...

  7. Re:Fess up by SiliconEntity · · Score: 2, Informative

    Alright, who has been requesting this trusted computing platform bullshit? Speak up! I want to know the name of the one consumer who said "Yes, I really want computers that can be uniquely identified. I hate the freedom that being anonymous brings."

    I do want a trusted computing platform. That's because I know how they work, and you don't. You think it limits what code you can run and takes away your anonymity. But those are all lies, fed to you by opponents of the technology, which you have blindly accepted.

    The truth is that TC technology lets you prove the software configuration you are running, if you want to. That's it. This will be able to be done per-application, so that you can prove you are running a particular app while keeping other details private. I can think of many good reasons for this; yes, good, privacy-protecting reasons; even good, anonymity-protecting reasons.

    But because of people like you who believe the Big Lie, the technology I need to improve privacy and anonymity on the net is being killed even in its moment of birth.