awk

Re: None

Wednesday, 03/05/2008 9:59:03 PM

Post# of 447
Para-Virtualized TPM Sharing

By Dr. Jork Löser, Microsoft

http://os.inf.tu-dresden.de/EZAG/abstracts/abstract_20080314.xml

The talk introduces a technique that allows a hypervisor to safely share a TPM among its guest operating systems. Our design allows guests full use of the TPM in legacy-compliant or functionally equivalent form. The design also allows guests to use the authenticated-operation facilities of the TPM (attestation, sealed storage) to authenticate themselves and their hosting environment. Finally, our design and implementation make use of the hardware TPM wherever possible, which means that guests can enjoy the hardware key protection offered by a physical TPM. In addition to superior protection for cryptographic keys, our technique is also much simpler than a full soft-TPM implementation. The talk shows that a current TCG TPM 1.2 compliant TPM can be multiplexed easily and safely between multiple guest operating systems. However, the peculiar characteristics of the TPM mean that certain features (in particular those that involve PCRs) cannot be exposed unmodified, but instead need to be exposed in a functionally equivalent para-virtualized form. We provide an analysis of our reasoning on the right balance between the accuracy of virtualization and the complexity of the resulting implementation.
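As an added illustration of why PCRs are the awkward part of sharing a TPM 1.2 (this is example code written for this post, not the talk's design or implementation): a PCR is a 20-byte SHA-1 register that can only be extended, so if two guests extend the same physical PCR their measurements interleave and neither guest can reproduce the value from its own event log. The `ParaVirtualPCR` class below is an assumed, simplified per-guest virtual PCR that anchors each change into one hardware PCR; the guest names and measured blobs are constructed sample data.

```python
import hashlib

# TPM 1.2 PCRs start at 20 zero bytes and are only ever extended:
# PCR_new = SHA1(PCR_old || measurement). Values never get overwritten.
PCR_INIT = b"\x00" * 20

def extend(pcr: bytes, measurement: bytes) -> bytes:
    return hashlib.sha1(pcr + measurement).digest()

def measure(blob: bytes) -> bytes:
    return hashlib.sha1(blob).digest()

def shared_hw_pcr(events):
    """Naive sharing: every guest extends the single physical PCR."""
    pcr = PCR_INIT
    for _guest, blob in events:
        pcr = extend(pcr, measure(blob))
    return pcr

def expected_by_guest(events, guest):
    """What one guest recomputes from its own measurement log alone."""
    pcr = PCR_INIT
    for g, blob in events:
        if g == guest:
            pcr = extend(pcr, measure(blob))
    return pcr

class ParaVirtualPCR:
    """Hypothetical per-guest virtual PCR (assumption, not the talk's scheme).
    Each guest sees its own register; the hypervisor records every virtual
    extend in the hardware PCR so the host-side state stays attestable."""
    def __init__(self):
        self.vpcr = {}
        self.hw_pcr = PCR_INIT
    def extend(self, guest, blob):
        v = extend(self.vpcr.get(guest, PCR_INIT), measure(blob))
        self.vpcr[guest] = v
        # anchor: fold (guest id, new vPCR value) into the physical register
        self.hw_pcr = extend(self.hw_pcr, measure(guest.encode() + v))
        return v

def demo():
    # constructed interleaved boot events from two guests
    events = [("A", b"kernel-a"), ("B", b"kernel-b"), ("A", b"initrd-a")]
    pv = ParaVirtualPCR()
    for g, blob in events:
        pv.extend(g, blob)
    return {
        "shared_matches_guest_a": shared_hw_pcr(events) == expected_by_guest(events, "A"),
        "vpcr_matches_guest_a": pv.vpcr["A"] == expected_by_guest(events, "A"),
        "vpcr_matches_guest_b": pv.vpcr["B"] == expected_by_guest(events, "B"),
    }
```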
