One of my current engineering efforts is in support of the concept of hardware attestation. What is that? Here’s my attempt at a summary:
Attestation is a way of showing something is true. In this case, it is proving that the software you are talking to is from a trusted vendor. In my case, that software is the Firmware for the System-on-A-Chip. While there are many levels of Attestation, they all resolve down to the lowest level software. It doesn’t matter if the Operating System is good: if the Firmware is bad, there is the potential for a violation. This is no guarantee that there is not a violation. Attestation is necessary-but-not-sufficient.
How do we attest? Well, we have to talk to a server. There are two different types of servers I have been exposed to in my current effort: BMC and Operating System. They do roughly the same thing. Some external program makes a connection to either the BMC or the OS, and makes an attestation request. “Show me the firmware you are running and a cryptographic signature for it.” Basically, I am back in the world of X509 certificates. Although attestation does not need to be done with X509, it needs all the stuff from X509 and so it is easiest to explain in terms of X509.
The building blocks:
The main building block of most computer security is the concept of asymmetric cryptography. This means that you have a computer algorithm that can encrypt and decrypt messages. The keys used by this algorithm are related to each other but different from each other. One is going to be labeled the public key. The other is the private key. Which is which is arbitrary, but once you decide, you need to treat them consistently. If you use the public key to encrypt a message, you can only use the private key to decrypt it, but if you use the private key to encrypt a message, you can only use the public key to decrypt it. There are many ways that these are used, but I am going to focus on one of them: signatures. However, before we can explain signatures, we need one more concept: hashes.
A cryptographic hash algorithm takes a long document and produces a short string that represents that document. What is special about cryptographic hashes is that a very small change in the document produces a different hash. If you change a period to a comma, you get a different hash.
I can take the text above, starting with the phrase “Attestation is a way…” up to the phrase “you get a different hash” and put it in a text document. I will also add an additional line and put a period on it. I can use the program sha256sum to produce the hash like this:
sha256sum attest.txt
396f4edd98ddf09d44a2842e9495db25b7e7b5a0b5a747a4fd29b8e36c5abfab attest.txt
However, if I change the final character from a period to a comma,
diff attest.txt attest2.txt
10c10
< .
---
> ,
I get this:
sha256sum attest2.txt
9282e247e2b21a49731b2a631ed2fc2afb3184fc5908ee893111ad6cfb142f9e attest2.txt
A cryptographic signature for a document takes a sha256 hash and encrypts it with a private key. Now if someone wants to confirm a document, they (1) use the public key to decrypt the hash and (2) hash the document themselves to check that the two hashes match.
Attestation is based on requesting a signature for the firmware running on a system. The public key used to validate that signature comes from a cryptographic certificate (that is where X509 comes in) so you can establish a chain of trust. X509 is a fairly huge area, but the only part of it necessary to understand here is that one public key can be used to sign a document containing another public key…and so on in chains. This is how your computer set up the https session to read this blog, and it is also used in many of the algorithms used to identify yourself on the internet.
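To make the signature step and the chain-of-trust step concrete, here is an added example in Go (my own sketch for this post, not code from any attestation project): a vendor root key signs a document containing the firmware signer's public key, that signer key signs the firmware image, and a verifier holding only the root public key walks the chain. RSA PKCS#1 v1.5 is used because it matches the "hash it, then encrypt the hash with the private key" description above; the Attestation struct and the function names are assumptions I made up for this sketch.

```go
package main

import "crypto"
import "crypto/rand"
import "crypto/rsa"
import "crypto/sha256"
import "crypto/x509"

// SignData hashes data with SHA-256 and signs the digest with the private key.
func SignData(priv *rsa.PrivateKey, data []byte) ([]byte, error) {
	digest := sha256.Sum256(data)
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
}

// VerifyData re-hashes data itself and checks the signature with the public key.
func VerifyData(pub *rsa.PublicKey, data, sig []byte) bool {
	digest := sha256.Sum256(data)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) == nil
}

// Attestation (a made-up struct) is a two-link chain: the vendor root signs a document holding the firmware signer's public key, and that signer key signs the firmware image.
type Attestation struct {
	SignerPub    []byte // DER (PKIX) encoding of the firmware signer's public key
	SignerPubSig []byte // root's signature over SignerPub
	FirmwareSig  []byte // signer's signature over the firmware image
}

// BuildAttestation is the vendor side; a verifier only ever needs the root public key.
func BuildAttestation(root, signer *rsa.PrivateKey, firmware []byte) (a Attestation, err error) {
	if a.SignerPub, err = x509.MarshalPKIXPublicKey(&signer.PublicKey); err != nil {
		return a, err
	}
	if a.SignerPubSig, err = SignData(root, a.SignerPub); err != nil {
		return a, err
	}
	a.FirmwareSig, err = SignData(signer, firmware)
	return a, err
}

// VerifyAttestation walks the chain from the trusted root down to the firmware.
func VerifyAttestation(rootPub *rsa.PublicKey, firmware []byte, a Attestation) bool {
	parsed, err := x509.ParsePKIXPublicKey(a.SignerPub)
	signerPub, ok := parsed.(*rsa.PublicKey)
	if err != nil || !ok || !VerifyData(rootPub, a.SignerPub, a.SignerPubSig) {
		return false // malformed signer key, or one the vendor root never endorsed
	}
	return VerifyData(signerPub, firmware, a.FirmwareSig)
}
```

Changing a single byte of the firmware (the period-to-comma change from the sha256sum demo) makes the second link fail, and a signer key the root never signed fails at the first link no matter how valid its firmware signature is.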
OK, that is a pretty big nutshell. Maybe a coconut. But I think that is as succinct as I can make it. This skips a lot of the context.