UNIVERSITY OF JYVÄSKYLÄ

Trusted Cloud Hardware and Advanced Cryptographic Solutions

Demonstration lecture

Dr. Oleksiy Khriyenko
MIT Department, University of Jyväskylä


Page 1: Trusted Cloud Hardware and Advanced Cryptographic Solutionsusers.jyu.fi/~olkhriye/CyberSecurity/TrustedCloud... · 2016-10-27 · Large number of cryptographic primitives based on


Acknowledgement

I am very much thankful to all the creators of the images that I found from Google and have used in this presentation.

Cloud Computing

[Slides 3-6: illustrations only. Labels recoverable from the figures: Internet, WEB, DATA, Cloud.]

Cloud Computing Stack

o Software-as-a-Service (SaaS): Applications designed for end-users, run on someone else's system and delivered over the web. Applications can be used for a wide range of tasks for both individuals and organizations (email, content creation tools, communication, entertainment & games, accounting and invoicing, tracking sales, planning, performance monitoring, etc.).

o Platform-as-a-Service (PaaS): A computing platform (a set of tools and services) that allows the creation and deployment of web applications quickly and easily, without the complexity of buying and maintaining the software and infrastructure underneath it (execution runtime, operating systems, database, web service, development tools, etc.). PaaS services can consist of preconfigured features that customers can subscribe to; they can choose to include the features that meet their requirements while discarding those that do not.

o Infrastructure-as-a-Service (IaaS): The hardware and software that powers it all: virtual server space, network connections, bandwidth, IP addresses and load balancers, storage. Rather than purchasing servers, software, datacenter space or network equipment, clients instead buy those resources as a fully outsourced service on demand. The client is given access to the virtualized components in order to build their own IT platforms.

Cloud Security

[Figure: Authentication and Authorization]

Cryptography

Modern Cryptography

o operates on binary bit sequences;
o relies on publicly known mathematical algorithms for coding the information, and a secret key which is used as the seed for them;
o its security level depends on the computational complexity of the algorithm or of the mathematical problem behind it.

Security Services of Cryptography

o Confidentiality is a security service that keeps the information from an unauthorized person via its encryption.
o Data Integrity is identifying any alteration to the data. It cannot prevent the alteration of data, but detects whether data has been manipulated in an unauthorized manner.
o Authentication provides the identification of the originator:
    • Message authentication identifies only the originator of the message;
    • Entity authentication is assurance that data has been received from a specific entity (e.g. particular website).
o Non-repudiation ensures that an entity cannot refuse the ownership of a previous commitment or an action.

[Figure labels: primitives that provide these services: Encryption, Hash Function, MAC, Digital Signature]

Cryptosystems

o Symmetric Key Encryption
    • Stream Ciphers: RC4, A5/1, A5/2, FISH, …
    • Block Ciphers (Feistel network, Lai-Massey scheme):
        DES (64bit block, 56bit key)
        3DES (or T-DES)
        AES (128bit block, 128/192/256bit key)
        IDEA (64bit block, 128bit key)
        Twofish (128bit block, up to 256bit key)
        Serpent (128bit block, 128/192/256bit key)

o Asymmetric Key Encryption
    • Integer Factorization: RSA
    • Discrete Logarithm:
        Diffie-Hellman (D-H) Key Exchange
        ElGamal
        Cramer-Shoup (ElGamal extension)
        Elliptic Curves
        Hyperelliptic Curves

Advanced Encryption Standard (AES)

o the more popular and widely adopted symmetric encryption algorithm;
o at least 6 times faster than 3DES…
o is based on a “substitution–permutation network”;
o performs computations on bytes rather than bits (the input is split into 16 bytes);
o uses a different number of rounds depending on key size.

The internal operation of AES is based on finite fields, or Galois fields $GF(p^m)$, in particular $GF(2^8)$, where the elements are polynomials…

o The AES algorithm is sufficient to protect classified information up to the SECRET level (TOP SECRET with 192- or 256-bit key lengths).
o AES performs at high speed with low RAM use, and is suitable for a wide variety of hardware, from 8-bit smart cards to high-performance computers.

Like other Block Ciphers, AES can be used for:

o different encryption schemas;
o stream ciphers;
o PRNGs;
o Hash functions;
o MACs

Rivest-Shamir-Adleman (RSA) Algorithm

Generation of the Key Pair:

o Generate modulus (n):
    1. Choose two large random distinct prime numbers p and q
    2. Compute product n = p*q
o Find derived number (e):
    1. Compute the Euler’s totient function of the product n as φ(n) = (p − 1)(q − 1)
    2. Choose an integer e (also called the public exponent) such that 1 < e < φ(n) that is coprime to φ(n). Choosing a prime number for e leaves us only to check that e is not a divisor of φ(n).
o Form the public key as a pair (n, e).
o Generate the private key d: compute the private exponent d, the modular multiplicative inverse of e (mod φ(n)). Worked example for the modular multiplicative inverse: de = 1 mod φ(n)

RSA operates on numbers modulo n. Hence, it is necessary to represent the plaintext as a series of numbers less than n.

o RSA Encryption for a padded plaintext message m is: $c = m^e \bmod n$
o RSA Decryption for an encrypted ciphertext c is: $m = c^d \bmod n$

Strength of RSA: the difficulty of factoring a large number n into its prime factors. It ensures that an attacker cannot find in finite time the two primes (p & q) used to obtain n. At the same time, the RSA encryption function is considered a one-way function for converting plaintext into ciphertext, and it can be reversed only with knowledge of the private key d.

The strength becomes weaker if the numbers p and q are not large primes and/or the chosen public key e is a small number.
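The RSA key generation, encryption and decryption steps, as an added Python example that is not part of the original lecture. The toy primes, the sample messages and the helper names (`generate_keypair`, `reduces_mod_n`) are assumptions made for illustration; the code does not test p and q for primality, and real keys use far larger primes together with a padding scheme.

```python
from math import gcd


def generate_keypair(p, q, e):
    """Key generation as on the slide: n = p*q, phi(n) = (p-1)(q-1), d = e^-1 mod phi(n).

    Assumes the caller passes primes; primality is not checked here.
    """
    if p == q:
        raise ValueError("p and q must be distinct primes")
    n = p * q
    phi = (p - 1) * (q - 1)
    # e must lie in 1 < e < phi(n) and be coprime to phi(n),
    # otherwise the inverse d does not exist.
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError("e must satisfy 1 < e < phi(n) and gcd(e, phi(n)) == 1")
    d = pow(e, -1, phi)  # modular multiplicative inverse: d*e = 1 mod phi(n)
    return (n, e), d


def encrypt(m, public_key):
    """c = m^e mod n; the plaintext must be a number less than n."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("plaintext must be represented as a number less than n")
    return pow(m, e, n)


def decrypt(c, d, n):
    """m = c^d mod n."""
    return pow(c, d, n)


def reduces_mod_n(m, public_key):
    """Check for the small-e weakness the slide mentions.

    If m^e < n, the modular reduction never happens and c is just m^e over
    the integers, so the ciphertext does not depend on the private key.
    Padding the plaintext up to the size of n avoids this case.
    """
    n, e = public_key
    return m ** e >= n


def demo():
    # Constructed toy values: p = 61, q = 53, e = 17.
    public_key, d = generate_keypair(61, 53, 17)
    c = encrypt(65, public_key)
    m = decrypt(c, d, public_key[0])
    # Constructed small-exponent key: p = 11, q = 17, e = 3.
    small_key, _ = generate_keypair(11, 17, 3)
    return {
        "public_key": public_key,
        "d": d,
        "ciphertext": c,
        "decrypted": m,
        "m=5 wraps n with e=3": reduces_mod_n(5, small_key),
        "m=6 wraps n with e=3": reduces_mod_n(6, small_key),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "=", value)
```

Calling `generate_keypair(61, 53, 3)` raises `ValueError`, because 3 divides φ(n) = 3120 and no private exponent exists.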

Discrete Logarithm Problem (DLP)

Given $p$, $\beta \in \mathbb{Z}_p^*$ and a primitive element (generator) $\alpha$. Find $x$ such that $\alpha^x = \beta \bmod p$:

$\underbrace{\alpha \cdot \alpha \cdot \alpha \cdots \alpha}_{x \text{ times}} = \beta \bmod p$

Cyclic groups are the basis of Discrete Logarithm Cryptosystems since they can make “nice” Discrete Logarithm Problem (DLP):

o cyclic multiplicative group of a prime field $\mathbb{Z}_p^*$ (e.g. ElGamal encryption, Diffie–Hellman key exchange, and the Digital Signature Algorithm)
o multiplicative group $GF(2^m)^*$ of an extension field (e.g. AES)
o cyclic subgroups of elliptic curves over finite fields (hyperelliptic curves as a generalization of elliptic curves)

Diffie–Hellman key exchange (D–H)

Public parameters: $\alpha$, $p$

Side A:
    $a = k_{pr,A} \in \{2, 3, \ldots, p-2\}$
    $A = k_{pub,A} = \alpha^a \bmod p$
    sends $A$, receives $B$
    $k_{AB} = B^a \bmod p$

Side B:
    $b = k_{pr,B} \in \{2, 3, \ldots, p-2\}$
    $B = k_{pub,B} = \alpha^b \bmod p$
    sends $B$, receives $A$
    $k_{AB} = A^b \bmod p$

Encryption (E): $y = x \cdot k_{AB} \bmod p$
Decryption (D): $x = y \cdot k_{AB}^{-1} \bmod p$

ElGamal encryption

It is a variation of an encryption based on Diffie–Hellman key exchange.

Bob:
    choose large prime $p$ and primitive element $\alpha$
    $d = k_{pr} \in \{2, 3, \ldots, p-2\}$
    $\beta = k_{pub} = \alpha^d \bmod p$
    sends $(p, \alpha, \beta)$ to Alice

Alice:
    choose $i \in \{2, 3, \ldots, p-2\}$
    Ephemeral key: $k_E = \alpha^i \bmod p$
    Session (Masking) Key: $k_M = \beta^i \bmod p$
    $y = x \cdot k_M \bmod p$
    sends $(y, k_E)$ to Bob

Bob:
    $k_M = k_E^d \bmod p$
    $x = y \cdot k_M^{-1} \bmod p$

Advantages:

o Bob's public key is based on parameters chosen by him
o Ephemeral (temporal) key $k_E$ should be different for every plaintext
o Since $k_E$ is different every time, we will get a different result $y$ for the same plaintext $x$
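The Diffie–Hellman exchange and the ElGamal variant built on it, as an added Python example that is not part of the original lecture. The toy group (p = 29, α = 2), the sample values and the helper names are assumptions; `reused_ephemeral_keys` is a hypothetical check for the rule that $k_E$ must differ for every plaintext.

```python
import secrets

# Toy public parameters (constructed for illustration); real groups use a
# prime p of 2048 bits or more.
P, ALPHA = 29, 2


def random_exponent():
    """Pick a private exponent from {2, 3, ..., p-2}."""
    return secrets.randbelow(P - 3) + 2


def dh_public(private):
    """k_pub = alpha^k_pr mod p."""
    return pow(ALPHA, private, P)


def dh_shared(own_private, peer_public):
    """k_AB = (peer public key)^(own private key) mod p."""
    return pow(peer_public, own_private, P)


def elgamal_encrypt(x, beta, i=None):
    """Alice's side: returns (y, k_E) for plaintext x and Bob's public key beta."""
    if i is None:
        i = random_exponent()          # fresh ephemeral exponent per plaintext
    k_e = pow(ALPHA, i, P)             # ephemeral key
    k_m = pow(beta, i, P)              # session (masking) key
    return (x * k_m) % P, k_e


def elgamal_decrypt(y, k_e, d):
    """Bob's side: recompute k_M from k_E and unmask y."""
    k_m = pow(k_e, d, P)
    return (y * pow(k_m, -1, P)) % P


def reused_ephemeral_keys(ciphertexts):
    """Return the k_E values that occur more than once in a list of (y, k_E).

    A repeated k_E means the same masking key protected two plaintexts.
    """
    seen, repeated = set(), set()
    for _, k_e in ciphertexts:
        (repeated if k_e in seen else seen).add(k_e)
    return repeated


def demo():
    a, b = 5, 12                                   # constructed private keys
    A, B = dh_public(a), dh_public(b)
    d, beta = b, B                                 # Bob's ElGamal key pair
    c1 = elgamal_encrypt(26, beta, i=5)
    c2 = elgamal_encrypt(26, beta, i=6)            # same plaintext, new i
    return {
        "A, B": (A, B),
        "k_AB (both sides)": (dh_shared(a, B), dh_shared(b, A)),
        "ciphertexts for x=26": (c1, c2),
        "decrypted": (elgamal_decrypt(*c1, d), elgamal_decrypt(*c2, d)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "=", value)
```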

Elliptic Curves

In cryptography we consider polynomials over $\mathbb{Z}_p$. So, EC over $\mathbb{Z}_p$, $p > 3$, is the set of all pairs $(x, y) \in \mathbb{Z}_p$ for which:

$y^2 = x^3 + a \cdot x + b \bmod p$

together with an imaginary point at infinity.

Elliptic Curve DLP: to find integer $d$, where $1 \le d \le \#E$, such that

$\underbrace{P + P + \cdots + P}_{d \text{ times}} = dP = T$

where $P$ is a primitive element (generator) and $T(x_T, y_T)$ is a point on the curve. So,
o $d$ is a Private Key
o $T$ is a Public Key

According to Hasse’s Theorem, the cardinality of the EC is very roughly in the range of the prime $p$: $p + 1 - 2\sqrt{p} \le \#E \le p + 1 + 2\sqrt{p}$. Therefore, taking into account the Square-root attack, to achieve a security level of $2^{80}$, we need to use a prime of about 160 bit to have $2^{160}$ elements on a curve.

Several discrete logarithm-based protocols have been adapted to elliptic curves, replacing the group $\mathbb{Z}_p^*$ with an elliptic curve: EC Diffie-Hellman (ECDH), EC Digital Signature Algorithm (ECDSA), EC ElGamal encryption, etc.

Advantages:

o The primary benefit promised by ECC is a smaller key size.
o Computationally it is much more efficient.

A large number of cryptographic primitives based on bilinear mappings on various elliptic curve groups have been introduced. The corresponding schemes provide efficient identity-based encryption as well as pairing-based signatures.
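The group operation behind $dP = T$ and the Hasse bound, as an added Python example that is not part of the original lecture. The toy curve $y^2 = x^3 + 2x + 2 \bmod 17$ with generator (5, 1) and all function names are assumptions chosen so the whole group can be enumerated; real curves use primes of 160 bits and more.

```python
# Toy curve parameters (constructed for illustration): y^2 = x^3 + A*x + B mod P_MOD
P_MOD, A, B = 17, 2, 2
G = (5, 1)          # generator point on the toy curve
O = None            # the point at infinity (neutral element)


def on_curve(point):
    if point is O:
        return True
    x, y = point
    return (y * y - (x ** 3 + A * x + B)) % P_MOD == 0


def add(p1, p2):
    """Point addition and doubling in the elliptic curve group."""
    if p1 is O:
        return p2
    if p2 is O:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return O                                  # P + (-P) = O
    if p1 == p2:                                  # doubling: tangent slope
        s = (3 * x1 * x1 + A) * pow((2 * y1) % P_MOD, -1, P_MOD)
    else:                                         # addition: chord slope
        s = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD)
    s %= P_MOD
    x3 = (s * s - x1 - x2) % P_MOD
    y3 = (s * (x1 - x3) - y1) % P_MOD
    return (x3, y3)


def scalar_mult(d, point):
    """Compute dP = P + P + ... + P (d times) with double-and-add."""
    result, addend = O, point
    while d > 0:
        if d & 1:
            result = add(result, addend)
        addend = add(addend, addend)
        d >>= 1
    return result


def count_points():
    """#E: all affine solutions plus the point at infinity (brute force)."""
    affine = sum(on_curve((x, y)) for x in range(P_MOD) for y in range(P_MOD))
    return affine + 1


def satisfies_hasse(order):
    """p + 1 - 2*sqrt(p) <= #E <= p + 1 + 2*sqrt(p), checked without floats."""
    return (P_MOD + 1 - order) ** 2 <= 4 * P_MOD


def ecdh_shared(own_private, peer_public):
    """EC Diffie-Hellman: both sides arrive at the same point a*(b*G)."""
    return scalar_mult(own_private, peer_public)


if __name__ == "__main__":
    order = count_points()
    print("#E =", order, "Hasse bound holds:", satisfies_hasse(order))
    print("2G =", scalar_mult(2, G), " 19G =", scalar_mult(19, G))
    a, b = 3, 7                                   # constructed private keys
    print("ECDH:", ecdh_shared(a, scalar_mult(b, G)),
          ecdh_shared(b, scalar_mult(a, G)))
```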

Length of Public-Key Algorithms for different security levels

Alg. family             Cryptosystem          Security Level (bit)
                                              80      128     192     256
Integer Factorization   RSA                   1024    3072    7680    15360
Discrete Logarithm      D-H, DSA, ElGamal     1024    3072    7680    15360
Elliptic Curves         ECDH, ECDSA           160     256     384     512
Symmetric Key           AES, 3DES             80      128     192     256

Digital Signatures

Basic protocol:

Alice: generates $k_{pr,A}$, $k_{pub,A}$ and sends $k_{pub,A}$ to Bob
Alice: $s = sig_{k_{pr,A}}(x)$, sends $(x, s)$ to Bob
Bob: $ver_{k_{pub,A}}(x, s) = true/false$

There are many Digital Signature protocols based on different cryptosystems (e.g. RSA DS; ElGamal DS, which is a basis for the very widely used Digital Signature Algorithm (DSA); EC DS, etc.)

Hash Function

o is used to map data of arbitrary size to data of fixed size.
o With respect to the Square-root attack, the output size should be twice the security level we would like to achieve (e.g. an output size of 160).
o There are Secure Hash Algorithm 3 (SHA-3) and many other Hash Functions as well…

Alg.          Output (bit)   Input (bit)   N of rounds   Collisions found
MD5           128            512           64            Yes
SHA-1         160            512           80            Not yet
SHA-2 224     224            512           64            No
SHA-2 256     256            512           64            No
SHA-2 384     384            1024          80            No
SHA-2 512     512            1024          80            No

Message Authentication Codes (MACs)

o is an analog of the Digital Signature using symmetric cryptography (since it is faster);
o provides arbitrary input and fixed output lengths, and the message authentication and integrity security services;
o the drawback is that we need a secure channel for key distribution, and it mainly does not provide the non-repudiation property;
o could be based on different cryptographic primitives: HMAC (hash function based); OMAC, CBC-MAC and PMAC (block cipher based);
o many of the fastest MAC algorithms, such as UMAC and VMAC, are constructed based on universal hashing;
o can deliberately combine two or more cryptographic primitives to maintain protection (e.g. Transport Layer Security (TLS) uses MD5 and SHA-1 and XORs the results together to form the output).

Trusted Computing

In year 2007, the leading companies in the computing world such as AMD, Hewlett-Packard, IBM, Intel and Microsoft have created the not-for-profit Industry Security Standard Consortium known as the Trusted Computing Group (TCG) (www.trustedcomputinggroup.org).

Some infographics:

• http://www.trustedcomputinggroup.org/wp-content/uploads/INFOGRAPHIC-TCG-PR-Works-FINAL.pdf
• http://www.trustedcomputinggroup.org/wp-content/uploads/Infographic-TCG-SED.pdf
• http://www.trustedcomputinggroup.org/wp-content/uploads/TPM-Infographic_Complete_Print.pdf
• http://www.trustedcomputinggroup.org/wp-content/uploads/INFOGRAPHIC-TCG-IoT-FINAL-3.pdf

“Trusted Computing” is one of the electronics industry's biggest 21st-century buzzwords.

Trusted Platform Module (TPM) is an international standard for a secure cryptoprocessor, which is a dedicated microcontroller designed to secure hardware by integrating cryptographic keys into devices. The TPM is a commodity cryptographic chip present by default in many mainstream servers, laptops and desktops.

Trusted Platform Module (TPM) offers at least three trusted computing primitives:

o secure measured boot - ensures that the machine can only boot a certain hardware and software configuration. Proves the “health” of the client.
o remote attestation - enables users to remotely attest that a machine booted a certain hardware and software configuration.
o sealed storage - protects data by binding it to a particular TPM and software configuration in a way that can only be accessed by the same combination of hardware and software.

Hardware device authentication. Each TPM chip has a unique and secret RSA key (burned in at its production stage) that enables software to perform platform authentication.

Key generation and management. It is possible to generate various keys and store them encrypted by the SRK. A more advanced (faster and protected from physical attack), but more costly alternative could be to use a Hardware security module (HSM).

RNG functionality. In case you do not want to trust the RNG provided by a cloud, it is possible to use/combine its results with the results of the TPM’s RNG.

TPM 2.0 supports RSA encryption and signature, ECC encryption and signature, ECC-DAA, ECDH, SHA-1, SHA-256, HMAC, AES and one-time-pad with XOR.

In TPM 2.0, there are three separate domains:
• Security – functions that protect the security of the user;
• Privacy – functions that expose the identity of the platform/user;
• Platform – functions that protect the integrity of the platform/firmware services.

TPM is used by Intel's Trusted Execution Technology (TXT) to create a "chain of trust", and to remotely attest that a computer has a specified hardware setup and is using specified software.
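How measured boot and sealed storage fit together, as an added Python example that is not part of the original lecture. It is a software model only, not a TPM API: the extend rule (new register value = SHA-256 of the old value followed by the component digest) is how TPM platform configuration registers (PCRs) accumulate measurements, a detail the slide does not spell out, and the boot component names and the `seal`/`unseal` helpers are assumptions.

```python
import hashlib
import hmac

PCR_RESET = bytes(32)   # a PCR starts as all zeros after reset


def extend(pcr, component):
    """Fold one boot component into the register.

    The register can only be extended, never set, so its final value
    commits to every component and to the order they were measured in.
    """
    digest = hashlib.sha256(component).digest()
    return hashlib.sha256(pcr + digest).digest()


def measure_boot(chain):
    """Measure each stage of the boot chain before it runs."""
    pcr = PCR_RESET
    for component in chain:
        pcr = extend(pcr, component)
    return pcr


def seal(secret, expected_pcr):
    """Bind a secret to one configuration.

    Model only: a real TPM keeps the secret encrypted under a key that
    never leaves the chip; here the blob just records the policy value.
    """
    return {"policy_pcr": expected_pcr, "secret": secret}


def unseal(blob, current_pcr):
    """Release the secret only if the platform booted the sealed configuration."""
    if not hmac.compare_digest(blob["policy_pcr"], current_pcr):
        raise PermissionError("platform state does not match the sealed policy")
    return blob["secret"]


# Constructed sample boot chains (component images stand in as byte strings).
GOOD_CHAIN = [b"firmware v1", b"bootloader v1", b"kernel v1"]
TAMPERED_CHAIN = [b"firmware v1", b"bootloader v1 (modified)", b"kernel v1"]


def demo():
    good_pcr = measure_boot(GOOD_CHAIN)
    blob = seal(b"disk encryption key", good_pcr)
    results = {"unseal on good boot": unseal(blob, measure_boot(GOOD_CHAIN))}
    try:
        unseal(blob, measure_boot(TAMPERED_CHAIN))
        results["unseal on tampered boot"] = "released"
    except PermissionError as err:
        results["unseal on tampered boot"] = "refused: " + str(err)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "->", value)
```

Remote attestation reports the same register value to a verifier, signed by a key held in the TPM, so the verifier can compare it with the value expected for a known-good configuration.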

Trusted IoT and Domain Specific Clouds

Domain Specific Clouds

[Figure: Energy Cloud, Traffic and Transportation Cloud, House Management Cloud, Health Cloud]

Health Cloud

IBM is establishing a Watson Health Cloud to dramatically advance effectiveness and quality in personal health care, working with Apple, Johnson & Johnson and Medtronic to get the HIPAA-enabled system up and running.

This move emphasizes a future for health that is focused on the individual, relying on the popularity of personal fitness trackers, implantables, connected medical devices and other sensors for collecting real-time information.

Trusted IoT

According to the Trusted Computing Group (TCG), the following steps are required to build a Trusted IoT System:

o Build a Hardware Root of Trust
    • Trusted Platform Module (TPM)
o Employ Hardware Storage Encryption
    • Self-Encrypting Drive (SED)
o Add Security Automation
    • Manage IoT Devices
    • Control Network Access
    • Connect Security Systems
o Protect Legacy Systems:
    • Place into Enclaves
    • Overlay Secure Communications
    • Restrict to Authorized Parties

Trusted sensors

Trusted sensors (patent US8832461), Stefan Saroiu, Alastair Wolman, Microsoft Corporation, Sep 9, 2014 (http://www.google.com/patents/US8832461)

The architecture employs hardware support at least with respect to sensors to reduce or eliminate the ability to manipulate or spoof the sensor data and thereby provide trusted computing to make the data obtained from sensors trustworthy. With a trusted sensor, tampering with the readings for the sensor cannot be performed without being detected. A trusted sensor is a sensor that is enhanced with a trustworthy computing technology such as TPM (Trusted Platform Module) to secure sensor readings. In the context of TPM, for example, solutions for making sensors trustworthy include the presence of a TPM chip in the mobile device, and the capability of the sensor to sign associated sensor readings.

Thank you!

Questions?