Protecting Attack Surfaces with Trusted Solutions
January 17, 2019
Using the Trusted Computing Group's (TCG's) Trusted Platform Module (TPM) 2.0 standard, Mocana's customers can secure IoT device storage, communications, applications, updates and containers.
The internet is a very dangerous place for connected things. Those with inadequate security are prime targets for hackers to gain network access. For stronger security in the Internet of Things (IoT) and industrial control system applications, Mocana recently introduced Mocana TPM 2.0 (TrustPoint IoT endpoint security), to provide the highest level of IoT device assurance.
Using the Trusted Computing Group’s (TCG’s) Trusted Platform Module (TPM) 2.0 standard, Mocana’s customers can secure IoT device storage, communications, applications, updates and containers. (See Figure 1.) By supporting TPM 2.0, Mocana received all the benefits of hardware-based security that is standardized by International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) in 2009 as ISO/IEC 11889.
The TPM is a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. Mocana security software protects devices by using this cryptography. Key features of Mocana endpoint security software support for TPM 2.0 include:
- Mocana transport protocol stack (Transport Layer Security (TLS), Secure Shell (SSH) and Internet Protocol Security (IPsec/IKE)) integrated with TPM keys
- Applications running on native (bare metal) platforms can use TPM via local mode of execution
- Applications running in a container (e.g. Docker, LXC) or virtual machine (VM) environment can access TPM via remote mode of execution
- Support for Certified Migratable Key (CMK) functionality to migrate TPM keys
- Support for platform attestation with TPM quote
- Support for hardware, firmware or even virtual TPMs (TCG compliant)
With its comprehensive support of TPM 2.0 TCG specifications, Mocana software delivers a simple set of application programming interfaces (APIs) for application developers to leverage TPM capabilities to build trusted solutions. This approach has multi-vendor support for TCG-compliant TPMs from Infineon, ST Microelectronics and Nuvoton. In addition, applications on Windows can leverage TPM 2.0 capabilities that coexist with BitLocker. By taking advantage of the broad set of key generation and key operations with TPM 2.0, the software supports Storage and Endorsement hierarchies as well as RSA and elliptic-curve cryptography (ECC) keys.
Specific Security Examples
As shown in Figure 2, trusted device identification derived from a hardware or firmware-based TPM Root of Trust provides identity proofing for digital authentication. This approach meets NIST 800-63B AAL3, the highest level of authentication assurance, and support Proof of Possession of a secret for both Certificate Management over CMS (CMC) and the Enrollment of Secure Transport (EST). Integrated with Mocana TrustCenter services, it enables automated secure device enrollment based on multi-factor trusted artifacts.
Secure Storage is achieved by protecting data with encrypted files or folders using TPM 2.0 keys to wrap the encryption keys. The endpoint software provides the ability to bind the encryption to the device state using Platform Configuration Registers (PCRs) on the TPM. (See Figure 3.)
Mocana transport protocol stacks, TLS, SSH and IPsec/IKE, can be integrated with TPM 2.0 for secure key storage and restricted access. For secure transport, Figure 4 shows the application use of cryptography secured with the associated private keys protected by the TPM. With this software, OpenSSL enabled applications can seamlessly migrate to the Mocana stack using the TPM 2.0 integrated OpenSSL Connector for secure communications.
For remote attestation, the security software enables a remote service (verifier) to determine the level of trust in the integrity of a target platform on another system. The verifier trusts that the local attestation is accurate based on signing by the TPM with a key certified by the Certificate Authority (CA). (See Figure 5.) Measurements of interest are extended to Platform Configuration Registers (PCRs) in the TPM. The use of Attestation Identity Key (AIK) credentials issued by a trusted CA attest to the TPM quote. Support for use of TPM keys also ensures that devices are trusted before firmware is updated.
By supporting TPM 2.0, Mocana’s end-to end system of cyber security provides development, manufacturing, shipping and device activation security as well as secure updates and management to ensure device trustworthiness over the entire life cycle of an IoT product. This level of security enables compliance with cybersecurity standards since it currently is the only solution to meet the requirements for US NIST AAL3.
TrustPoint and TrustCenter are trademarks of Mocana Corporation.
Shreya Uchil is the Director of Solutions Engineering at Mocana. In this position, she leads the pre-sales function of technical account engagement and pre-production solution design. She also manages the post-sales customer success team to ensure effective customer on-boarding. Earlier in her career, she spent 8 years at Hughes Network Systems as a Senior Sales Engineer where she helped design and build communication networks using Hughes’ technology platform, including its wireline, wireless and satellite technology offerings. Shreya holds a master’s degree in Electrical Engineering from Penn State University.