Explore the integration of Trusted Platform Modules (TPM) with Raspberry Pi to establish secure and trustworthy IoT systems in this 55-minute conference talk from code::dive 2019. Delve into the fundamentals of integrity and trusted computing, learning how to build a chain of trust on a Raspberry Pi. Discover run-time TPM usage and boot-time measurement techniques, while understanding their applications in creating dependable IoT devices. Examine the limitations of Raspberry Pi in this context and investigate methods to mitigate supply-chain security risks and firmware attacks using TPM. Gain insights from Ian Oliver, a Distinguished Member of Technical Staff at Nokia Bell Labs, as he shares his expertise in trustworthy and high-integrity Network Function Virtualisation systems, privacy engineering, and formal methods.
Overview
Syllabus
Intro
The Raspberry Pi
How does it boot up
The TPM device driver
Random number generator
Whats inside
Hierarchies
Taking ownership of the TPM
Generating keys
Generating an RSA key
Generating an AS key
Load external keys
Exercise to redux
Encryption
NVRAM
NVRAM area
Measured boot
Default usages
TCG
We faked it
How we faked it
Raspberry Pi
Quote
TPM structure
Remote attestation
Rebooting
How it works
Define NVRAM area
Read from NVRAM area
Evil made attack
Changing the PCR
Backing up data
Open SSL
Safety Critical Systems
Taught by
code::dive conference
