21-01-2013, 12:03 PM
A PAPER PRESENTATION ON Palladium Cryptography
ABSTRACT
As we move towards an increasingly computer-centric world, the concept of data
security has attained paramount importance. Though present-day security systems offer a
good level of protection, they are incapable of providing a "trustworthy" environment and
are vulnerable to unexpected attacks. Palladium is a content protection concept that has
spawned from the belief that the PC, as it currently stands, is not architecturally equipped
to protect a user from the pitfalls and challenges that an all-pervasive network such as the
Internet poses.
As a drastic change in PC hardware is not feasible, largely for economic
reasons, Palladium hopes to introduce a minimal change on this front. A paradigm shift is
awaited in this scenario with the advent of Palladium, making content
protection a shared concern of both software and hardware. In the course of this paper the
revolutionary aspects of Palladium are discussed in detail.
A case study to restructure the present data security system of the JNTU examination
system using Palladium is put forward.
INTRODUCTION
Need for security:
Many organizations possess valuable information that they guard closely. As more of
this information is stored in computers, the need for data security becomes increasingly
important. Protecting this information against unauthorized usage is therefore a major
concern for both operating systems and users alike.
Cryptography: Cryptography is the method in which a message or file, called plaintext,
is taken and encrypted into ciphertext in such a way that only authorized people know
how to convert it back to plaintext. This is commonly done in four ways:
secret key cryptography, public key cryptography, one-way function
cryptography and digital signatures. Unless the encryption technique used is very complex,
it is possible, with some effort, for crackers to decrypt files.
User authentication: It is a method employed by the operating system or a program of a
computer to determine the identity of a user. Types of user authentication are:
authentication using passwords, authentication using physical objects (like smart
cards, ATM cards etc.), and authentication using biometrics (like fingerprints, retinal pattern
scan, signature analysis, voice recognition etc.). Inherent problems of user authentication
are password cracking, duplication of physical objects and simulation of biometrics by
artificial objects.
Anti-virus software: Anti-virus software scans every executable file on a computer's
disk looking for viruses known in its database. It then repairs, quarantines or deletes any
infected files. However, a clever virus can infect the anti-virus software itself. Some of the
popular anti-virus products are Norton, PC-cillin, McAfee etc.
ASPECTS OF PALLADIUM
Palladium comprises two key components: hardware and software.
Hardware components
Engineered for ensuring the protected execution of applications and processes, the
protected operating environment provides the following basic mechanisms:
Trusted space (or curtained memory): This is an execution space that is protected from
external software attacks such as a virus. Trusted space is set up and maintained
by the nexus and has access to various services provided by Palladium, such as
sealed storage. In other words, it is protected RAM.
Sealed storage: Sealed storage is an authenticated mechanism that allows a
program to store secrets that cannot be retrieved by non-trusted programs such as
a virus or Trojan horse. Information in sealed storage can't be read by other non-trusted
programs (sealed storage cannot be read by unauthorized secure programs,
for that matter, and cannot be read even if another operating system is booted or
the disk is carried to another machine). These stored secrets can be tied to the
machine, the nexus or the application. Palladium will also provide mechanisms for
the safe and controlled backup and migration of secrets to other machines. In other
words, it is a secured and encrypted part of the hard disk.
WORKING OF PALLADIUM
Palladium is a new hardware and software architecture. This architecture will
include a new security computing chip and design changes to a computer's central
processing unit (CPU), chipsets, and peripheral devices, such as keyboards and printers. It
will also enable applications and components of these applications to run in a protected
memory space that is highly resistant to tampering and interference.
The PC-specific secret coding within Palladium makes stolen files useless on other
machines, as they are physically and cryptographically locked within the hardware of the
machine. This means software attacks can't expose these secrets. Even if a sophisticated
hardware attack were to get at them, these core system secrets would only be applicable to
the data within a single computer and could not be used on other computers.
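
A simplified model of the behaviour described under "Sealed storage" and in the paragraph above, added here as an illustration and not taken from the paper or from Palladium itself. The HMAC-based key derivation, the toy stream cipher and all names and sample values are assumptions of this example.

```python
import hashlib
import hmac
import os

def measure(code: bytes) -> bytes:
    """Digest standing in for the identity of a nexus or application."""
    return hashlib.sha256(code).digest()

def prf(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def sealing_keys(machine_secret: bytes, nexus: bytes, app: bytes):
    # Bind the key to all three: the machine, the nexus and the application.
    root = prf(machine_secret, b"seal|" + measure(nexus) + measure(app))
    return prf(root, b"enc"), prf(root, b"mac")

def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Toy HMAC counter-mode stream (assumption, for illustration only).
    blocks = (prf(key, nonce + i.to_bytes(4, "big")) for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(machine_secret, nexus, app, secret: bytes) -> bytes:
    enc_key, mac_key = sealing_keys(machine_secret, nexus, app)
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(secret, keystream(enc_key, nonce, len(secret))))
    return nonce + ct + prf(mac_key, nonce + ct)   # encrypt-then-MAC

def unseal(machine_secret, nexus, app, blob: bytes):
    """Return the secret, or None if machine, nexus or app differ or the blob was altered."""
    enc_key, mac_key = sealing_keys(machine_secret, nexus, app)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, prf(mac_key, nonce + ct)):
        return None
    return bytes(a ^ b for a, b in zip(ct, keystream(enc_key, nonce, len(ct))))

# Constructed sample values, not real keys or binaries.
MACHINE_A, MACHINE_B = b"A" * 32, b"B" * 32
NEXUS, OTHER_OS = b"nexus image v1", b"other operating system"
APP, VIRUS = b"exam-paper viewer", b"untrusted program"

if __name__ == "__main__":
    blob = seal(MACHINE_A, NEXUS, APP, b"question paper key")
    print(unseal(MACHINE_A, NEXUS, APP, blob))      # same machine, nexus, app
    print(unseal(MACHINE_B, NEXUS, APP, blob))      # disk carried elsewhere
    print(unseal(MACHINE_A, OTHER_OS, APP, blob))   # another OS booted
    print(unseal(MACHINE_A, NEXUS, VIRUS, blob))    # non-trusted program
```

Only the first call recovers the secret; each of the other three changes one input to the key derivation, so the authentication tag no longer verifies.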