Using TPMs to Cryptographically Verify Devices at Scale
Once a new device leaves IT and enters user hands, maintaining confidence in the security of the device is a challenge. When access to network resources relies on credentials provided by the device, r …
|Talk Title||Using TPMs to Cryptographically Verify Devices at Scale|
|Speakers||Tom D’Netto (Security Engineer, Google), Matthew Garrett (Security developer, Google)|
|Conference||Open Source Summit + ELC North America|
|Location||San Diego, CA, USA|
|Date||Aug 19-23, 2019|
Once a new device leaves IT and enters user hands, maintaining confidence in the security of the device is a challenge. When access to network resources relies on credentials provided by the device, remote systems cannot tell the difference between a secure device running a trusted operating system and an adversary.Most modern machines have TPMs, and every TPM has its own cryptographic identity. Firmware and bootloaders use the TPM to generate verifiable logs of the entire boot process - but this data is rarely used to its full potential. In this talk, we explain how Google uses this functionality to build trust in a fleet of geographically diverse machines. We discuss the challenges of establishing a strong, hardware-backed identity for each machine, and how we use remote attestation to prove our devices are running a sanctioned boot chain. Finally, we present newly-released cross platform open source libraries we have built to allow anyone else to build equivalent infrastructure.