A Comparison between Smart Cards and Trusted Platform Modules in Business Scenarios

MA-Thesis / Master von Martin W. Murhammer

Abstract:

Loss of proprietary information can be anywhere between disadvantageous to disastrous to organizations and private individuals alike. Main reasons that contribute to that are theft of computing devices—whether or not they are mobile or portable—theft of proprietary information, and unauthorized access to information.

Causes of the aforementioned problem that are of particular interest for this thesis are lack of sufficiently strong authentication of users and lack of sufficiently strong protection of information on mobile and removable devices, as outlined in the following two paragraphs.

Authentication—the process of validating a given identity based upon certain credentials—is a critical step to secure access to valuable information assets. Even though more granular authorization mechanisms may be provided by modern computer systems, mainstream operating systems offer at least one method of user authentication. The same holds true for devices such as personal digital assistants (PDA) and mobile telephones. The fact that this protection can be turned off is deplorable from a security point of view but it may serve a particular business need when no critical information has to be protected and ease of use is of the essence.

The proliferation of mobile computing devices throughout the general population of users is constantly increasing. Subsequently, it is safe to assume that such devices are used to store and/or access critical business information. The threat to that information lies in the circumstances of mobility. Mobile devices are subject to theft as well as contamination with malware (viruses, worms, Trojan horse software, etc.) when connected to foreign network infrastructures. While critical information inside an organization can be—and usually is—well guarded, providing equal measures of protection to mobile devices can be technically, organizationally and financially challenging and hence has been often neglected by corporate IT departments. Aside from proper authentication, protection of information in storage as well as in transport requires equal consideration in this environment.

In order to overcome the problem of insufficient authentication and protection, several security controls are available to users and security administrators today. The question that they are frequently facing is which one to choose in a given situation.

This question is the core motivation to research this topic. The idea to select and compare two particular technologies stems from a need to narrow the scope of available technologies, for once, and to find out if distinct differences between otherwise similar technologies can be elaborated. The latter part also poses as the primary challenge for this research.

Smart cards—and USB or other tokens based upon the same technology—have been around for decades and have a good track record of adding security to information systems. They have been, and are being, researched extensively and therefore serve as an excellent benchmark for newer technologies. One of their primary goals is to provide users with a way to keep identity and other important information physically secure on a portable medium. The area of smart cards is governed by mature standards [ISO7816] and assurance levels of EAL4 and above according to the Common Criteria levels of evaluation [CC2204]. The fact that newer computer systems (e.g. Acer) and peripherals (e.g. Cherry keyboards) are shipped equipped with smart card readers is an indicator that further proliferation of this technology is likely.

Trusted Platform Modules (TPM), at least those based upon a specification from the Trusted Computing Group (TCG; formerly known as Trusted Computing Platform Alliance—TCPA) on the other hand, are a comparatively new kid on the block. The primary idea here was to add a trust base to general-purpose computers and devices that allows users and programs to determine that they are interfacing with, and executing on, a platform that meets certain pre-defined security requirements. The goal was also to devise such trust base in an inexpensive way in the form of a hardware chip added to a computer’s main board.

Of course, TPMs that serve exactly that purpose have been around for several years longer. They were—and still are—built upon specialized hard- and software and offer a much higher level of tamper resistance. That quality typically comes at a cost prohibitive to general-purpose computers and devices and thus restricts them to high-security systems, such as payment servers and certification authorities in public key infrastructures. Such devices are referred to as Hardware Security Modules (HSM). This thesis does not intend to discuss HSMs because its primary focus is on the comparison of low-cost security devices.

Finally, the fact that early adoptions of TCG TPMs exhibited much the same end-user functionality as smart cards gave rise to the question as to what the differences really are, and where the road may lead, based upon real-world scenarios. In light of past and ongoing controversy about privacy issues in certain TPM deployment and usage scenarios—digital rights management in particular—and the intentions of some vendors, industries and even legislators, this allows for exploration way beyond the intentions of this thesis.

German information technology news ticker „heise online” reported on September, 9, 2001: „Total Control per U.S. Law”, and on August, 8, 2003: „No Trust in Trusted Computing”. On May, 30, 2005, the same news service posted the following: „New Trusted Platform Modules Already in Use”. It appears that the fears expressed in earlier articles have evaporated in thin air, or that the opposition has suffered from a massive cave-in. In light of such an amazing turn-around, Digital Rights Management (DRM) has been included among the selection of scenarios.

This thesis shall provide interested readers with a decision base for the selection of protection mechanisms based upon either smart cards or TPM, or both. Despite having ways to authenticate users to a system or service, and vice versa, the question remains as to what level of trust is required, and can be established, by this line of defense, and do those levels match. Hence, at the beginning of this thesis the topic of trust—one-way, mutual and multilateral—that may be required for certain business scenarios will be explored in more detail.

Derived from trust, security requirements are discussed that need to be met by the technologies that are the subject of this thesis: smart cards and TPM.

Following that, a closer look is taken at each of these technologies in turn, illustrating their capabilities, similarities and differences, and their general capabilities to meet the previously stated requirements.

At the core of this thesis lies the discussion of real-world business scenarios for the subject security technologies and a comparison between their areas of use in each of these scenarios.

Table of Contents:

	Abstract	iii
	Acknowledgements	iv
	Table of Contents	v
	Table of Figures	x
	List of Tables	xi
1.	Introduction	1
1.1	Motivation	3
1.2	Document Structure	6
2.	The Need for Trust in Computing Environments	7
2.1	An Attempt at Definitions	8
2.1.1	Confidence and Reliance	9
2.1.2	Dependence	9
2.1.3	Non-Enforceability	10
2.1.4	Non-Transferability	11
2.1.5	Discretion	11
2.2	Aspects of Trust for Information Systems	12
2.2.1	Assurance	13
2.2.2	Technology Trusting People	15
2.2.3	Technology Trusting Technology	15
2.3	Models of Trust	16
2.3.1	One-way Trust	16
2.3.2	Two-way Trust	16
2.3.3	Third Party Trust	16
2.3.4	Chain of Trust	17
2.3.5	Web of Trust	17
2.3.6	Transitive Trust	17
2.4	Liability	17
2.5	Privacy	18
3.	Protection Requirements	20
3.1	Technical Requirements	22
3.1.1	Physical Protection	22
3.1.2	Secrecy of Data and Code	24
3.1.3	Integrity of Code and Data	26
3.1.3.1	Strong	27
3.1.3.2	Permissive	27
3.1.3.3	Practical	27
3.1.3.4	Weak	27
3.1.4	Attestation and Outbound Authentication	28
3.1.4.1	Guarding	28
3.1.4.2	Sealing	28
3.1.4.3	Binding	29
3.2	Non-technical Requirements	29
3.2.1	Availability	29
3.2.2	System and Operations Management	30
3.2.2.1	Deployment, Distribution and Replacement	30
3.2.2.2	User Registration and Support	31
3.2.2.3	Field Upgrade and Maintenance	32
3.2.3	Cost Factors	33
3.2.3.1	Cost of Production	34
3.2.3.2	Cost of Product and Solution	34
3.2.3.3	Cost of Maintenance and Replacement	34
4.	Technology Review	36
4.1	Smart Cards	38
4.1.1	Types of Smart Cards	38
4.1.1.1	Memory Cards	38
4.1.1.2	Processor Cards	38
4.1.2	Capabilities	39
4.1.2.1	Encryption	39
4.1.2.2	Key and Credential Storage	39
4.1.2.3	Authentication	39
4.1.2.4	Integrity	40
4.1.2.5	Secure Execution Environment	40
4.1.3	Components	40
4.1.3.1	Hardware	40
4.1.3.2	Software	41
4.1.4	Operation	44
4.1.5	Standards	46
4.2	Trusted Platform Modules	47
4.2.1	TPM Capabilities	48
4.2.1.1	Encryption	48
4.2.1.2	Key and Credential Storage	48
4.2.1.3	Authentication and Attestation	50
4.2.1.4	Integrity	50
4.2.1.5	Binding	51
4.2.1.6	Sealing	51
4.2.2	Components	52
4.2.2.1	Hardware	52
4.2.2.2	Software	53
4.2.3	Operation	54
4.2.3.1	Endorsement	54
4.2.3.2	Conformance	55
4.2.3.3	Platform	55
4.2.3.4	Ownership	55
4.2.3.5	Identity	56
4.2.4	Standards	58
4.2.4.1	TCG Generic Server Specification	58
4.2.4.2	TCG Trusted Network Connect (TNC) Architecture	60
4.3	Other Approaches to Trusted Computing	63
4.3.1	Isolation and Compartmentalization Model	64
4.3.1.1	Secure Co-Processor	64
4.3.1.2	Intel LaGrande Technology (LT)	64
4.3.1.3	Microsoft NGSCB	65
4.3.1.4	Multilaterally Secure Platform	65
4.3.2	Virtualization Model	66
4.3.3	Execution Control Model	67
4.3.3.1	Security-Enhanced (SE) Linux	67
4.3.3.2	Other Operating Systems	68
4.4	Drivers and Markets	68
4.5	Summary	70
5.	Business Scenarios	73
5.1	Recovery and Replacement	73
5.2	Combinations and Extensions	75
5.2.1	Adding Smart Cards to TPM	75
5.2.2	Adding Biometrics to Smart Cards and TPM	76
5.3	Multi-Function Access	78
5.4	Machine Binding	79
5.5	Asset Inventory	80
5.6	Authentication	81
5.7	Encryption	82
5.8	Digital Signatures	83
5.9	Reduced Sign-On	84
5.9.1	Client-Side Reduced Sign-on	86
5.9.2	Enterprise Reduced Sign-on	87
5.10	Secure Network Access	90
5.11	Secure Application Server	91
5.12	Shared Workstations	92
5.13	Voice over IP	93
5.13.1	Security Concerns	94
5.13.1.1	Confidentiality	94
5.13.1.2	Integrity	94
5.13.1.3	Availability	95
5.13.2	Solution Approach	95
5.13.3	Summary	96
5.14	Pseudonymous Transactions	97
5.15	Entertainment and Commodity	98
5.16	Digital Rights Management	99
5.16.1	DRM Requirements	100
5.16.1.1	Users	100
5.16.1.2	Permissions	100
5.16.1.3	Portability	100
5.16.2	DRM Component Model	101
5.16.2.1	Content Providers	101
5.16.2.2	License Brokers	101
5.16.2.3	Clearinghouses	101
5.16.2.4	Privacy / Pseudonymity CAs	101
5.16.2.5	Consumers and Users	102
5.16.2.6	Devices and Applications	102
5.16.3	DRM Solution Approaches	102
5.16.4	Summary	104
5.17	Remote Access to Classified Information	105
5.17.1	System Architecture using Standard Components	105
5.17.1.1	Terminal Server	107
5.17.1.2	Two-Factor Authentication	107
5.17.1.3	Terminal Services Client as Java Applet	108
5.17.1.4	Web Server	109
5.17.1.5	Web Application	109
5.17.1.6	Network	110
5.17.1.7	VPN Gateway	110
5.17.1.8	Printer	111
5.17.2	Augmenting or Replacing Standard Components	111
5.18	Summary	112
6.	Conclusions	117
	Bibliography	120
	Books	120
	Papers, Periodicals, Standards and Manuals	122
	Worldwide Web Sources	127
	Abbreviations	130
	Glossary	134
	Appendix	137