
Palladium Cryptography

Date post: 09-Nov-2014
Upload: glucifer
Transcript
Page 1: Palladium Cryptography

M. S. Ramaiah Institute of Technology 1

Palladium Cryptography

Suma C
USN No: 1MS09TE055

B.E. Telecommunication Engineering

Guide: Prof. B K Sujatha, Professor, MSRIT, Bangalore

Page 2: Palladium Cryptography

Acknowledgements

I would like to thank

• My guide Dr B K Sujatha for her guidance and encouragement, and Seminar Coordinator Prof Venu K N for his support.

• Our HOD Dr K Natarajan and Former HOD Dr Vijay Kumar B K for giving me an opportunity to present this seminar.

• All the staff members for their constant support.

Page 3: Palladium Cryptography

Contents

• Goals of Network Security
• Types of Data Threats
• Present Day Security Systems
• Secret key and Public key Cryptography
• Introduction to Palladium
• Hardware and Software components of Palladium
• Working of Palladium
• Disadvantages of Palladium
• Case study
• References


Page 4: Palladium Cryptography

Goals of Network Security

• Confidentiality: Data confidentiality implies keeping data private. This privacy could entail physically or logically restricting access to sensitive data or encrypting traffic traversing a network.

• Integrity: Data integrity ensures that data has not been modified in transit. Also, a data integrity solution might perform origin authentication to verify that traffic is originating from the source that should be sending it.

• Availability: The availability of data is a measure of the data’s accessibility. For example, if a server was down only for five minutes per year, it would have an availability of 99.999 percent.


Page 5: Palladium Cryptography

Types of Data Threats

• Intruders
  - Casual prying
  - Snooping
  - Commercial Espionage

• Viruses
  - Memory Resident Viruses
  - Boot Sector Viruses
  - Device Driver Viruses


Page 6: Palladium Cryptography

Present Day Security Systems

• Cryptography
  - Secret Key Cryptography
  - Public Key Cryptography
  - Digital Signatures

• User Authentication
  - Authentication using Passwords
  - Authentication using Objects
  - Authentication using Biometrics

• Anti Virus Software

• Firewalls


Page 7: Palladium Cryptography

Secret Key cryptography

• The same key is used for both encryption and decryption.


Page 8: Palladium Cryptography

Public key cryptography

• The Public Key is what its name suggests - Public. It is made available to everyone via a publicly accessible repository or directory. On the other hand, the Private Key must remain confidential to its respective owner.

• Because the key pair is mathematically related, whatever is encrypted with a Public Key may only be decrypted by its corresponding Private Key and vice versa.


Page 9: Palladium Cryptography

Illustration of Public Key Cryptography

• For example, if Bob wants to send sensitive data to Alice, and wants to be sure that only Alice may be able to read it, he will encrypt the data with Alice's Public Key. Only Alice has access to her corresponding Private Key and as a result is the only person with the capability of decrypting the encrypted data back into its original form.


Page 10: Palladium Cryptography

What is Palladium?


Palladium is the code name for a revolutionary set of features for the Windows operating system. The code name of this initiative, “Palladium”, is drawn from the Greek mythological goddess of wisdom and protector of civilized life.

Palladium can be touted as the first technology to develop software-hardware synchronization for better data security. Hardware changes incorporated by Palladium are reflected in the key components of the CPU, a motherboard chip (cryptographic co-processor), and input and output components such as the graphics processor. When combined with a new breed of hardware and applications, these “features” will give individuals and groups of users greater data security, personal privacy, and system integrity.

Page 11: Palladium Cryptography

Components of Palladium


Palladium has two key components:

• Hardware Components
  - Trusted Space
  - Sealed Storage
  - Secure Input / Output
  - Attestation

• Software Components
  - Nexus
  - Trusted Agents

Page 12: Palladium Cryptography

Hardware Components

• Trusted Space: This is an execution space that is protected from external software attacks such as a virus. Trusted space is set up and maintained by the nexus and has access to various services provided by Palladium, such as sealed storage. In other words, it is protected RAM.

• Sealed Storage: Sealed storage is an authenticated mechanism that allows a program to store secrets that cannot be retrieved by non-trusted programs such as a virus or Trojan horse.

• Secure Input and Output: A secure path from the keyboard and mouse to Palladium applications and a secure path from Palladium applications to the screen ensure input-output security.

• Attestation: Attestation is a mechanism that allows the user to reveal selected characteristics of the operating environment to external requestors. In reality it takes the form of an encryption co-processor. It is entrusted with the job of encryption and decryption of data “to and from” the “sealed storage”.


Page 13: Palladium Cryptography

Software Components

• Nexus: This component manages trust functionality for Palladium user-mode processes (agents). The nexus executes in kernel mode in the trusted space. It provides basic services to trusted agents, such as the establishment of the process mechanisms for communicating with trusted agents and other applications, and special trust services such as attestation of requests and the sealing and unsealing of secrets.

• Trusted Agent: A trusted agent is a program, a part of a program, or a service that runs in user mode in the trusted space. A trusted agent calls the nexus for security related services and critical general services such as memory management. Each trusted agent or entity controls its own sphere of trust and they need not trust or rely on each other.


Page 14: Palladium Cryptography

Modes of Operation of a PC


Page 15: Palladium Cryptography

Working of Palladium


Page 16: Palladium Cryptography

Disadvantages of Palladium

Software and applications have to be rewritten to synchronize with palladium or new applications must be written.

Changes are to be made to the existing computer hardware to support palladium.

It would be a long time before this technology becomes commonplace.


Page 17: Palladium Cryptography

Case Study: Reconstructing Data Security of JNTU Examination System using Palladium

Existing System:

The question papers in encrypted form are also made available on the JNTU examination website.

Password to read the CDs is supplied one hour before the commencement of examination to the principal/chief superintendent through internet, cell phone, telephone or fax.

The principal, soon after receipt of the password, decrypts the original question papers of that day using the software supplied by the JNTU examination branch.


Page 18: Palladium Cryptography

Loopholes in Existing System

As the encrypted question papers are also available on the Internet, there is every chance of crackers downloading and trying to decrypt them.

There is every chance of failure or mismatch of the college-specific CD due to the large number of affiliate colleges (as has been observed in some cases).

Also, in one case, a previous examination CD was mistakenly decrypted, and the question papers thus printed were initially distributed at an examination centre.


Page 19: Palladium Cryptography

Palladium - As a Solution

A third-party trusted agent (government or private programmed) is employed, which is responsible for granting access to the JNTU examination server. It processes the requests and forwards only those certified by the nexus of JNTU’s Palladium-based server.

If an unauthorized system (without Palladium) forwards a request, it is immediately rejected by the server’s trusted agent. Even if an unauthorized Palladium PC tries to access the server, its request is rejected.

The PC-specific secret coding within Palladium makes stolen files useless on other machines, as they are physically and cryptographically locked in the hardware of the server or trusted computer.
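
The sealed-storage property from the Hardware Components slide, and the point above that stolen files are useless on other machines, can be modelled in software. The following Python model is an added example, not code from the seminar or from Palladium itself; the names `seal` and `unseal`, the per-machine secret and the HMAC-based keystream are assumptions standing in for the hardware co-processor and its cipher.

```python
import hashlib
import hmac
import os

def _key(machine_secret: bytes, program_code: bytes, label: bytes) -> bytes:
    # Bind the key to this machine AND to the hash (identity) of the calling program.
    program_id = hashlib.sha256(program_code).digest()
    return hmac.new(machine_secret, label + program_id, hashlib.sha256).digest()

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode: an assumed stand-in for the co-processor's cipher.
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(machine_secret: bytes, program_code: bytes, secret: bytes) -> bytes:
    """Encrypt-then-MAC `secret` under keys only this machine/program pair can derive."""
    nonce = os.urandom(16)
    ct = _xor(secret, _keystream(_key(machine_secret, program_code, b"enc"), nonce, len(secret)))
    tag = hmac.new(_key(machine_secret, program_code, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(machine_secret: bytes, program_code: bytes, blob: bytes) -> bytes:
    """Return the secret, or refuse if the machine, the program or the blob differs."""
    if len(blob) < 48:
        raise PermissionError("unseal refused: blob too short")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_key(machine_secret, program_code, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise PermissionError("unseal refused: wrong machine, wrong program or modified blob")
    return _xor(ct, _keystream(_key(machine_secret, program_code, b"enc"), nonce, len(ct)))

if __name__ == "__main__":
    # Constructed sample values: two machine secrets and a trusted agent's code image.
    exam_server, other_pc = os.urandom(32), os.urandom(32)
    agent = b"trusted exam agent v1"
    blob = seal(exam_server, agent, b"Question paper, set A")
    print(unseal(exam_server, agent, blob))  # same machine, same program
    for machine, program in [(other_pc, agent), (exam_server, agent + b" (patched by virus)")]:
        try:
            unseal(machine, program, blob)
        except PermissionError as err:
            print(err)
```

A blob copied to another PC, or presented by a program whose code has been altered, fails the integrity check before any decryption is attempted.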


Page 20: Palladium Cryptography

Restructured examination system using Palladium


Page 21: Palladium Cryptography

Advantages

As the process of question paper download is highly secure, the chances of leakage are literally nil.

Since this method is highly trustworthy, a single set question paper system can be employed.

An advanced system of Internet communication can be adopted for a broader reach, thus eliminating the role of CD.



Page 23: Palladium Cryptography

Thank You
