Trusted Platform Modules: Locksmith in the Basement?

0
45

Tech giants are embedding special chips into their systems to ensure your data stays safe, even if you lose your device.

Once upon a time there was a town where people traded very valuable items. But the town had notorious thieves that kept stealing these items. So the people built a special lockbox and kept the items in them for trading. This was a strong box and could not be broken or destroyed to get the contents inside it. The only way to do that was by unlocking it. The box had two keyholes and did not have any fixed keys. A locksmith could make special keys for the box in pairs — if one of the keys in the pair was used to lock the box, only the second key in the same pair could unlock it.

This lockbox was used widely and it worked well. People kept one key of the pair outside their homes in a publicly visible place. Anyone who wanted to give them something made a copy of that key. They then kept that item in the person’s lockbox, used this copied key to lock it, and handed over the box. The second key of the pair was kept by the owner securely and not given to anyone, and only he or she could unlock the box with this second key. The thieves stopped stealing these lockboxes because they were unable to open them without the correct keys.

Figure 1: A special lock box with two keys (AI generated picture)

This worked very well for ages. But then some thieves broke into the homes of people and started stealing the second key that was with the owner. And once they got the key, they stole the contents from the lockboxes. This became a menace in no time as the thieves started stealing the keys from more and more people, who started losing the valuables kept in the lockboxes.

To overcome this challenge, people in the town started making vaults to keep their keys safely. These vaults were unbreakable and strong so the thieves could not steal the keys. The second key was kept in the vault and taken out only when needed.

But this, too, did not work for long because the thieves were able to find the keys to the vault to unlock it. Then they stole the keys from the vault!

The people in the town got together and decided to make a very special vault in the basement of their houses — a vault that was unbreakable and strong, and didn’t have a door. It was sealed and only had a small window. Everyone in the town had a trusted locksmith to make their keys. When they were making the vaults, they asked their trusted locksmiths to go inside it, and then sealed the vault. The locksmiths lived inside the vault. When a new set of keys was needed, the locksmith made a pair but gave the owner only one key to be kept outside the house. The other key was kept by the locksmith in the vault. And whenever the second key was needed to unlock a box, the lockbox would be passed through the window of the vault. The locksmith would unlock it with the key kept inside the vault and return the box.

Since the vault had no door for a thief to enter and the second key was always inside the vault, it was never stolen. And this method worked very well to carry on trading securely.

Let’s move to the present digital era. The important valuables being traded today are data. It is imperative that sensitive data be secured between the sender and the recipient. The lockbox, which is a standard one, represents a public key cryptosystem that is used to keep data secure. The two keys are public and private keys. Data encrypted with the public key can only be decrypted by the private key and vice versa.

There are multiple public key cryptosystems, the most notable ones being RSA (named after its creators Rivest, Shamir and Adleman), and ECC (elliptic curve cryptography). These provide mathematical functions that use a key to convert the data into some unreadable format which can be read only with the help of the other key. The keys are just one or a set of huge numbers which when passed to the mathematical function give the desired results.

We are not going into the details about the mathematics in this article but here is a representation of these systems:

  • Encryption (Cleartext, Key1) Ciphertext
  • Decryption (Ciphertext, Key2) Cleartext

Here, the cleartext is the original data while ciphertext is jargon that cannot be read by anyone without decrypting.

The public keys are usually announced for anyone to be able to use them. And the private keys are securely stored on the disk. This is how a sender can send valuable data to someone:

  • Get the announced public key of the recipient Key1.
  • Encrypt the cleartext with Key1 to get the ciphertext.
  • Send the ciphertext.
  • The recipient uses private key Key2 to decrypt the ciphertext and get the cleartext.
  • Nobody other than the recipient has the private key so no one else can read it.

Note that it is important for the user to keep the private key securely. If anyone else gets that key, it may compromise the security of the data.

However, even if the private keys are stored securely on the disk, malicious applications and viruses are today able to retrieve them on the disk or memory, compromising the data. It is now understood that storing the keys on a disk is not a great idea since these can always be accessed by malware.

That’s how the concept of building a vault in the basement has come up. The basement is not a part of the general living space in a home. And the small window does not allow any thief to go in. Similarly, in the modern digital era, a new chip called a trusted platform module (TPM) has been developed. It is not a part of the disks, the CPU or the memory, all of which can be accessed by malware. It is an entirely different chip placed on the motherboard.

Figure 2: A trusted platform module (TPM)

Just like the locksmith stayed in the basement and made keys there, the TPM allows us to create keys inside it and take out only the public key. The TPM never allows the private keys to leave it. If any operation is to be performed with the private key, the application sends the ciphertext to the TPM, which decrypts it and returns the cleartext. This ensures that the private keys are never compromised.

But what about devices that do not have a TPM? Well, some mobile devices do not have it, but they can use something called the TEE (trusted execution environment). It partitions a part of the CPU and the disk to behave like a TPM, and the operating system ensures that no application has access to the keys stored on the TEE. But it is not as secure as having a physical TPM.

Some operating systems like Windows 11 now compulsorily need the computer to have a TPM to be able to function securely and correctly. This ensures the user’s data is never compromised. Apple devices come with an in-built similar chip called Secure Enclave, Samsung devices come with Knox, and Google devices come with Titan. These ensure that the private keys are protected against highly advanced cyberattacks even if the device is lost.

Previous articleGit: A Popular DevOps Tool
Next articleA Complete Guide to DevOps
The author is a cybersecurity enthusiast who loves to work with cutting-edge technology and its implications. He has a passion for developing products that ease day-to-day tasks while protecting user information from malicious hands.
The author is an open source enthusiast and a contributor to open source communities and repositories. She is interested in various development based projects.

LEAVE A REPLY

Please enter your comment!
Please enter your name here