What Is Trusted Computing?

Trusted Computing / Trusted Computing (TC) is a technology driven and developed by the Trusted Computing Group (Trusted Computing Cluster, formerly known as TCPA). Trusted computing is a widely used trusted computing platform based on hardware security modules in computing and communication systems to improve the overall security of the system ^[1] . The endorsement key is a 2048-bit RSA public and private key pair, which is randomly generated when the chip leaves the factory and cannot be changed. This private key is always in the chip, and the public key is used to authenticate and encrypt sensitive data sent to the chip. ^[2]

Trusted computing includes 5 key technical concepts. They are required for a complete trusted system. This system will comply with the TCG (Trusted Computing Group) specification:

Authentication key
Safety input and output
Memory masking / protected execution
Package storage
Remote proof

Trusted Computing Digital Rights Management

Trusted computing will enable companies to create digital rights management systems that are difficult to circumvent, but not impossible (cracked). An example is a downloaded music file. Using remote authentication can make the music file refuse to be played unless it is on a specific music player that implements record label rules. Sealed storage prevents users from using another player or opening the file on another computer. Music is played in shielded storage, which will prevent users from making unlimited copies of the music file while it is playing. Safety I / O prevents the user from capturing (streaming) to the sound system. Evading (cracking) such a system requires manipulating computer hardware or using a recording device or a microphone to obtain an analog signal (which may cause signal attenuation) or cracking an encryption algorithm.

Trusted Computing Identity Theft Protection

Trusted computing can be used to help prevent identity theft. Take online banking as an example. When a user accesses a bank server, remote authentication is used. After that, if the server can generate the correct authentication certificate, the bank server will only serve this page. The user then sends his encrypted account number and PIN and some guarantee information that is private (not visible) to the user and the bank through this page.

Trusted computing prevents game cheating

Trusted computing can be used to combat online game cheating. Some players modify their copy of the game to gain an unfair advantage in the game; remote authentication, secure I / O, and storage blocking are used to check all players connected to the game server (to ensure) that they are running an unmodified software Copy. Especially game modifiers designed to enhance player ability attributes or automate certain tasks. For example, a user may want to install an automatic aiming BOT in a shooting game and a harvesting robot in a strategy game. Since the game server cannot determine whether these commands were issued by a person or a program, the recommended solution is to verify the code running on the player's computer.

Trusted computing protects systems from viruses and spyware

The software's digital signature will allow users to identify applications that may have been added to spyware by third party modifications. For example, a website offers a modified version of a popular instant messaging program that includes spyware. The operating system can find a valid signature missing in these versions and notify the user that the program has been modified, but this also brings up a question: who decides whether the signature is valid.

Trusted computing protects data

Biometric devices used for authentication can use trusted computing technology (memory shielding, secure I / O) to ensure that no spyware is installed on the computer to steal sensitive biometric information.

Trusted computing protects biometric authentication data

Trusted computing checks the results of remote grid computing

Trusted computing can ensure that the results returned by participants of a grid computing system are not falsified. Such large simulation operations (such as weather system simulations) do not require heavy redundant operations to ensure that the results are not falsified, so as to reach the desired (correct) conclusion.

As far as China is concerned, Chinese government administrators have paid great attention to trusted computing and provided considerable financial support for trusted computing. For example, the National Password Management Committee of China organized the formulation of standards for trusted password modules, and provided some standards on its official website. The Ministry of Science and Technology of China's 863 Program has carried out special research on trusted computing technology projects, and the Natural Science Foundation of China has launched a major special research plan for "trusted software".

In the academic field, Academician Shen Changxiang of the Chinese Academy of Engineering Sciences, Researcher Feng Dengguo of the Chinese Academy of Sciences, and Professor Zhang Huanguo of Wuhan University have made great contributions to the promotion of the theory and technology of trusted computing.