Challenges for
Ahmad-Reza Sadeghi, Ruhr-University Bochum, Horst Görtz Institute for IT Security
CHES, Yokohama 2006

© HGI 2006, Ahmad-Reza Sadeghi

Content
o Motivation
  o Trust Issues and Vocabulary
  o Complications in Distributed Application
o Towards Trustworthy Computing Platforms
  o Objectives and Primary Goals
  o Desired Primitives and the Need for Secure Hardware
o Trusted Computing Group (TCG) Approach
o Security Architectures Based on Virtualization
o Selected Research and Development Projects
o Reactions to the Trusted Computing Group
  o Concerns, open source, law and politics
o Some Technical Challenges
o Summary and Outlook

Motivation
o How do we define "trustworthiness" in a distributed open IT environment?
o How can we determine/verify/measure it?
o How could common computing platforms support such functionality and what are the consequences?

Trustworthy Future
(Illustration: Object: Federation ship. New: a more advanced configuration; has warp drive, updated control, ...)

A Memo
Bill Gates' email on Trustworthy Computing, January 2002:
o "Trustworthy Computing is the highest priority for all the work we are doing. We must lead the industry to a whole new level of trustworthiness in computing."
o "Trustworthy Computing is computing that is as available, reliable and secure as electricity, water services and telephony."
o "Our software should be so fundamentally secure that customers never even worry about it."
o "... keep our customers' trust at every level: from the way we develop software, to our support efforts, to our operational and business practices."
o "Trustworthiness is a much broader concept than security, and winning our customers' trust involves more than just fixing bugs ..."
o "As software has become ever more complex, interdependent and interconnected, our reputation as a company has in turn become more vulnerable."
o "No Trustworthy Computing platform exists today. It is only in the context of the basic redesign we have done around security ..."
o Key aspects: availability, security, ...

Trust Issues and Vocabulary (1)
o Trust: complicated notion studied and debated in different areas (social sciences, philosophy, psychology, science, ...)
o In social sciences trust is
  o a psychological state comprising the intention to accept vulnerability based upon positive expectations of the intentions or behavior of another [RoSiBuCa98]
  o a mechanism to reduce social complexity (how we think about the world) [Luhm1979]
  o an action that involves the voluntary placement of resources (physical, financial, intellectual, or temporal) at the disposal of the trustee with no real commitment from the trustee [Cole1990]
  o ... and has temporal and risk aspects

Trust Issues and Vocabulary (2)
o In IT security literature
  o Trustworthiness is assurance that a system or a component will perform as expected [AvLaLaRa2004]
  o Trusted system or component is one whose failure can break the security policy [Ande2001]
    o Number of trusted components should be minimized
    o Corresponds to "Trusted" as defined by the Trusted Computing Group (TCG)

Complications in Distributed Applications
o Multiple parties involved
  o Typically distrust each other
  o Have different (possibly conflicting) interests (resources, policies)
  o Provide (require) services
(Figure: each party i is modelled as i := (P_i, D_i), where P_i is its (security) policy and D_i its (secret) data; it takes input I_i and produces (secret) output O_i. The figure also shows the user, the adversary and a (minimal) Trusted Computing Base (TCB).)

Application Scenarios
o Government (e.g., e-Voting integrity)
o Health (confidentiality of sensitive medical records)
o Commerce ((non-)enforceability of digital signature)
o Enterprise use
  o Controlled usage and distribution in supply chains
  o Rights and document management
  o Outsourcing of services
o E-Services
o Next generation mobile devices
o Fair use of digital content
  o First sale
  o Private copies
  o Transfer
  o Copies among different platform types allowed

Example: Grid Computing

Model [LoRaSaScSt2006, MaJiMa2006]
o Main parties (simplified): resource providers (RP) and users (U)
  o In practice more parties: middleware provider, application provider
o Problem: user-provider trust asymmetry
  o Grid users forced to place (often unjustifiable) trust on providers
  o Security measures often assume Grid user as potential adversary
o Currently used measures
  o Contracts, standard authentication and authorization mechanisms
(Figure: User, Broker, MyProxy (credentials), Resource Provider.)

Requirements
o Functional
  o Sharing resources among different Grid jobs on one platform
  o Interoperability
  o Delegation and single sign on
  o Accounting and billing
o Security
  o Confidentiality and integrity of data
  o Privacy (regarding underlying platform)
  o Authentication
  o Authorization
  o Auditing
o Availability and correctness
  o Fail-safe short and long term preservation of users' data

Towards Trustworthy Platforms

Objectives
o Main role of Trusted Computing
  o Enable the reasoning about "trustworthiness" of own and other's IT systems (reporting their state)
  o ... in contractual sense
o Multilateral security [Rann1994]
  o Considers different and possibly conflicting security requirements of different parties and strives to balance these requirements
  o Refers to (classical) security goals (confidentiality, integrity and availability)
  o Typical conflict occurs between the wish for privacy and interest in cooperation
o Problems
  o Insufficient protection in SW and HW of existing computing platforms
  o Main reasons
    o Malicious code (viruses, Trojan horses, ...)
    o DMA (Direct Memory Access)
    o No secure storage
    o High complexity and poor fault isolation of operating systems
    o Lack of functional and protection mechanisms in hardware
    o Security unawareness of users, or security measures still not usable enough [Kuhl2003, KuGe2003]

Primary Goals
o Improve security of computing platforms
  o Based on different sets of assumptions and trust relations
  o Providing multilateral security needed for underlying applications
  o Avoiding potential misuse of trusted computing functionalities
o Open architecture
  o Use open standards and source components
  o No monopoly, space for innovation (small and mid-sized companies)
o Reuse existing modules
  o e.g., GUI, common OS
  o Trustworthiness/costs/reliability/compatibility
o Applicable for different OS
o Efficient portability
o Allow realization of new applications/business models

Basic Desired Primitives
o Integrity verification (Attestation)
  o Allows a computing platform to export verifiable information about its properties (e.g., identity and initial state)
  o Comes from the requirement of assuring the executing image and environment of an application located on a remote computing platform
o Sealed/Secure Storage
  o Allows to persist data securely between executions using traditional untrusted storage like hard drives
  o To encrypt data and be assured to be the only one capable of decrypting it
o Strong process isolation
  o Assured (memory space) separation between processes
  o Prevents a process from reading or modifying another process's memory
o Secure I/O
  o Allows applications to assure the end-points of input and output operations
  o A user can be assured to securely interact with the intended application

Need for Secure Hardware and Software
o Secure hardware
  o Fundamental to cryptography
  o Hardware-based random numbers
  o Secure storage
  o DMA control
  o Even a secure operating system cannot verify its own integrity (another party is needed)
o Software (operating systems)
  o Complete new design, e.g., Trusted Mach, EROS (Extremely Reliable Operating System) [TrustedMach1991, Shap1999]
    o Compatibility problem, less market acceptance
  o Hardening, e.g., SELinux [LoSm2001]
    o Still TCB (Trusted Computing Base) too complex and large
  o Virtual Machine Monitors (e.g., [Sailer et al 2005])
    o Allow reuse of legacy software
    o Isolation of security-critical programs

Trusted Computing Group (TCG) Approach – A Short Introduction

Background
o TCG (Trusted Computing Group)
  o Consortium of 136 enterprises (AMD, HP, IBM, Infineon, ..., STM, ...)
  o Claimed role: "... to develop, define and promote open, vendor-neutral industry specifications for trusted computing. These include hardware building blocks and software interface specifications across multiple platforms and operating environments ..." [TCG]
  o Different working groups: TPM/TSS, Infrastructure, Mobile, ...
  o Specified several specifications
o Basic idea
  o Uses the concept of roots/chain of trust [ArFaSm1997, Itoi et al 2001]
  o Entities trusted to function correctly without external oversight
  o Lower layer verifies the integrity of higher levels before booting them
o Trusted Platform Module (TPM)
  o Minimum tamper-resistance assumptions
  o Set of cryptographic functionalities and features
  o Assurance of a limited set of immutable cryptographic functionalities based on which a larger set of security functions can be provided
o Trusted Software Stack (TSS)
  o TSS specification is a software specification that provides a standard API for accessing the functions of the TPM (resource management of the TPM, ensuring synchronized access)
  o Open source implementation [TrouSerS]

Model
o Main objectives
  o Integrity and confidentiality of the platform's integrity-maintaining values
o Trust model
  o Minimal essential roots of trust are RTM and TPM
    o Root of Trust for Measurement (RTM): process that measures certain data
    o Root of Trust for Storage (RTS): a logical entity capable of maintaining values (e.g., cryptographic keys) generated by the RTM
    o Root of Trust for Reporting (RTR): a mechanism for correctly exporting the values held in the RTM to any interested party
o Adversary model
  o Specifications focus on software attacks
o Remarks
  o According to TCG an entity can be trusted if it always behaves in the expected manner for the intended purpose

Core TCG Components and Functionalities

Trusted Platform Module (TPM)
o Current implementation is a dedicated hardware chip on the main board
o Two versions, 1.1b and 1.2 [TPM2002, TPM2003]
o Passive component
o Manufacturers (Atmel, Infineon, Sinosun, STM, ...)
(Figure: TPM block diagram with Input/Output, Non-volatile Storage, Platform Configuration Registers PCR[0], PCR[1], ..., PCR[23], Random Number Generator (RNG), RSA Crypto Engine & Key Generation, HMAC Engine, SHA-1 Hash Engine, Opt-In.)

Details

TPM Forecast
o Many vendors ship platforms equipped with TPM, e.g., IBM, HP, Siemens-Fujitsu (see [TPMMatrix2006])
o Microsoft's Vista [Vista2006] uses TPM functionalities for secure setup (requires TPM v1.2 [TPM2003])

TPM Features
o Cryptographic functions
  o Hash (SHA-1), signature, encryption (RSA), key generation
o Hardware-based random number generators
o Platform Configuration Registers (PCR)
  o Storage for (integrity) measurements
  o Metric for measurements is computing hash values
  o PCR values are so-called extensions: PCR_N = extend(PCR, Input) = SHA1(PCR || Input)
o Sealing/Binding
  o Binding data to TPM state (represented by a subset of PCRs)
  o [Data]_{PK,S_0} ← Seal(State, PK, Data), with S_0 the initial state
  o Data = Unseal([Data]_{PK,S_0}) ⇔ (S_i = S_0), with S_i the current state

TPM Features: Keys
o Endorsement Key (EK)
  o Uniquely identifies a TPM (manufacturer may provide certificate for EK)
  o Created inside the TPM, private part uniquely in the TPM
o Attestation Identity Key (AIK)
  o Created by the TPM, certified by a CA, primarily used to sign a subset of PCRs
o Storage keys
  o Used to encrypt data outside the TPM (e.g., other keys of the TPM)
o Storage Root Key (RTS)
  o Used to encrypt all other keys created by the TPM
o Migratable and non-migratable keys
o Certified-migratable keys
  o Upon creation of keys decide to delegate migration

Integrity Measurement

Chain of Trust and Measurements
o Root of Trust
  o For creating a chain of trust the first entity is the RTM
  o Must be trusted, no mechanism to measure it
o Chain of Trust
  o Generic flow: each member measures its successor before passing the control to it
o Chain measurement
  o To trust the chain, the identity of each member is needed
  o Identity = measurement according to TCG definition
(Figure: RTM -> Entity A -> Entity B -> ... -> Entity N.)

Measurements
o Measurement flow (RTM, entity B, SML, PCR, TPM)
  1. RTM measures entity B
  2. RTM creates Event Structure in SML (Stored Measurement Log)
  3. RTM extends value into PCR
o SML can be stored on any storage media, e.g., storage device
o SML contains the Event Structures for all measurements in the TPM
o Event Structure
  o One structure for each measurement extended into the TPM
  o Contains extend value (actual result of digest) and data

Execution Bootstrap and Integrity Measurement
o Instantiation based on TCG approach
o Trusted components:
  o Core Root of Trust for Measurement (CRTM)
  o Trusted Platform Module (TPM)
(Figure: chain of trust Hardware -> CRTM -> BIOS -> Bootloader (BL) -> Operating System (OS) / Trusted OS (TOS) -> App. CRTM measures BIOS, BIOS measures BL, BL measures OS, OS measures App; the measurements m_BIOS, m_BL, m_OS are extended into the TPM's PCR[0] ... PCR[23].)

Integrity Measurement: More Details
o PCR usage, measured by the TCG-enabled hardware (CRTM/BIOS):
  00: BIOS
  01: Mainboard configuration
  02: Option ROM
  03: Option ROM configuration
  04: Initial Program Loader (IPL)
  05: IPL config & data
  06: RFU (Reserved for Future Usage)
  07: RFU
o PCR usage, measured by the TCG-enabled boot loader TrustedGRUB [tGRUB2005]:
  08: First part of "stage2"
  09: Rest of "stage2"
  13: Arbitrary file measurements
  14: Booted system files (e.g., kernel, modules, ...)
o Components and hand-over of control: CPU, TPM, BIOS (with CRTM), Bootloader (Stage1), Bootloader (Stage2), OS kernel (TPM driver, device service); the boot loader reaches the TPM through the BIOS TCG API (Pre-Boot-Driver): TCG_HashAll, TCG_PassThroughToTPM
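The measure-extend-seal mechanics of the TPM Features, Chain of Trust, Measurements and TrustedGRUB slides, as an added Go example that is not from the talk or from any TCG code: a toy TPM whose PCRs can only be extended, a boot chain that measures BIOS, loader and kernel into the TrustedGRUB registers, and sealing bound to those registers. AES-GCM under a key kept inside the struct stands in for the SRK-based encryption of a real TPM, and all component images are constructed samples; the patched-kernel run also shows the update problem raised later on the Conceptual Problems slide.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha1"
	"fmt"
)

// TPM is a toy model of a TPM 1.2: 24 SHA-1 sized PCRs and a storage key
// standing in for the SRK, which never leaves the struct.
type TPM struct {
	PCR [24][20]byte
	srk []byte
}

func randBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

func NewTPM() *TPM { return &TPM{srk: randBytes(32)} }

// Reset models a platform reset: PCRs return to zero, the SRK persists.
func (t *TPM) Reset() { t.PCR = [24][20]byte{} }

// Extend is the only way to change a PCR: PCR[i] = SHA1(PCR[i] || digest),
// so the order and number of measurements both affect the final value.
func (t *TPM) Extend(i int, digest [20]byte) [20]byte {
	buf := append(append(make([]byte, 0, 40), t.PCR[i][:]...), digest[:]...)
	t.PCR[i] = sha1.Sum(buf)
	return t.PCR[i]
}

// composite hashes the selected PCRs in order; Seal binds data to it.
func (t *TPM) composite(sel []int) []byte {
	h := sha1.New()
	for _, i := range sel {
		h.Write(t.PCR[i][:])
	}
	return h.Sum(nil)
}

func (t *TPM) aead() cipher.AEAD {
	block, _ := aes.NewCipher(t.srk) // 32-byte key, always valid
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// Seal encrypts data under the SRK bound to the current composite of the selected
// PCRs: blob = composite(20) || nonce || ciphertext. The composite is authenticated data.
func (t *TPM) Seal(sel []int, data []byte) []byte {
	gcm, comp := t.aead(), t.composite(sel)
	nonce := randBytes(gcm.NonceSize())
	blob := append(append([]byte{}, comp...), nonce...)
	return gcm.Seal(blob, nonce, data, comp)
}

// Unseal releases the data only if the selected PCRs hold exactly the values
// they had at sealing time (S_i = S_0 on the TPM Features slide).
func (t *TPM) Unseal(sel []int, blob []byte) ([]byte, error) {
	gcm := t.aead()
	n := gcm.NonceSize()
	if len(blob) < 20+n {
		return nil, fmt.Errorf("sealed blob too short")
	}
	comp, nonce, ct := blob[:20], blob[20:20+n], blob[20+n:]
	if !bytes.Equal(comp, t.composite(sel)) {
		return nil, fmt.Errorf("current PCR state differs from sealing-time state")
	}
	return gcm.Open(nil, nonce, ct, comp)
}

// BootPCRs follow the TrustedGRUB assignment on the page: 00 BIOS, 04 IPL, 14 booted system files.
var BootPCRs = []int{0, 4, 14}

// Boot replays the chain of trust: each stage measures (hashes and extends)
// its successor before handing over control. The SML is omitted here.
func Boot(t *TPM, bios, bl, kernel []byte) {
	t.Reset()
	t.Extend(0, sha1.Sum(bios))    // CRTM measures the BIOS
	t.Extend(4, sha1.Sum(bl))      // BIOS measures the boot loader (IPL)
	t.Extend(14, sha1.Sum(kernel)) // boot loader measures the kernel
}

func main() {
	bios, bl, kernel := []byte("bios-v1"), []byte("grub-stage1"), []byte("vmlinuz-2.6") // constructed images
	t := NewTPM()
	Boot(t, bios, bl, kernel)
	blob := t.Seal(BootPCRs, []byte("disk encryption key"))
	for _, k := range [][]byte{kernel, []byte("vmlinuz-2.6-patched")} {
		Boot(t, bios, bl, k) // reboot; the second run has a patched kernel in PCR[14]
		_, err := t.Unseal(BootPCRs, blob)
		fmt.Printf("kernel %q: unseal error = %v\n", k, err)
	}
}
```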

Attestation

TCG Attestation (simplified)
o Goal: remote verifier interested in the state of host H
o Attestor: host H with TPM; C_H: configuration of host H; PCR holds cs := hash(C_H)
o AIK ← Genkey(l) (generated by the TPM); AIK must be certified (not shown here)
o Protocol:
  1. Verifier -> H: N_v (nonce)
  2. TPM: σ := Sign_AIK(cs, N_v)
  3. H -> Verifier, via the attest() output channel: (cs, C_H, σ)
  4. Verifier: verify σ; check cs and C_H against its configuration list: "Do I like C_H (trustworthy)?"

Attestation Identity Key (AIK): Overview
o Provides a signature key that can act as pseudonym (different key for each transaction)
o Theoretically a TPM can have an unlimited number of AIKs
o Certification Authority (Privacy-CA in TCG terminology) certifying that an AIK comes from a TPM
  o Requires certification by a Trusted Third Party
o Unlinkability achieved by DAA (Direct Anonymous Attestation) protocols [BrCaCh2004]
  o Zero-knowledge proof of knowledge of possession of a valid certificate
  o No Privacy-CA needed
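The simplified TCG attestation exchange of the previous two slides, as an added Go example that is not from the talk or from any TCG implementation: the attestor's TPM signs cs together with the verifier's nonce using an RSA AIK, and the verifier checks the signature and looks cs up in its configuration list. The Attestor, Verifier and Quote types and the sample configuration strings are constructed for this example; AIK certification by a Privacy-CA is left out, as on the slide, so the verifier is assumed to already hold the certified AIK public key.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"crypto/sha256"
	"errors"
	"fmt"
	"strings"
)

// Quote is the attestor's answer: the PCR value cs and σ = Sign_AIK(cs, N_v).
type Quote struct {
	CS  [20]byte
	Sig []byte
}

// ConfigHash computes cs := hash(C_H) over the host's configuration entries
// (standing in for what the measurement chain extends into the PCRs).
func ConfigHash(cfg []string) [20]byte {
	return sha1.Sum([]byte(strings.Join(cfg, "\n")))
}

// Attestor models host H with its TPM: the AIK private part never leaves
// the TPM, and cs is the PCR content shown on the attestation slide.
type Attestor struct {
	aik *rsa.PrivateKey
	cs  [20]byte
}

func NewAttestor(cfg []string) *Attestor {
	aik, err := rsa.GenerateKey(rand.Reader, 2048) // AIK <- Genkey(l)
	if err != nil {
		panic(err)
	}
	return &Attestor{aik: aik, cs: ConfigHash(cfg)}
}

func (a *Attestor) AIKPublic() *rsa.PublicKey { return &a.aik.PublicKey }

// Attest signs cs together with the verifier's nonce N_v, so a quote answers
// exactly one challenge and cannot be replayed for a later one.
func (a *Attestor) Attest(nonce []byte) *Quote {
	msg := sha256.Sum256(append(a.cs[:], nonce...))
	sig, err := rsa.SignPKCS1v15(rand.Reader, a.aik, crypto.SHA256, msg[:])
	if err != nil {
		panic(err)
	}
	return &Quote{CS: a.cs, Sig: sig}
}

// Verifier holds the configurations it considers trustworthy (Conf. List).
// It is assumed to have obtained the certified AIK public key out of band;
// AIK certification itself is not modelled, as on the slide.
type Verifier struct{ trusted map[[20]byte]bool }

func NewVerifier(confList ...[]string) *Verifier {
	v := &Verifier{trusted: map[[20]byte]bool{}}
	for _, c := range confList {
		v.trusted[ConfigHash(c)] = true
	}
	return v
}

// Challenge draws a fresh nonce N_v for one attestation run.
func (v *Verifier) Challenge() []byte {
	n := make([]byte, 20)
	if _, err := rand.Read(n); err != nil {
		panic(err)
	}
	return n
}

// Verify performs the verifier's two checks: σ is valid under the AIK over
// (cs, N_v), and cs is on the list of trustworthy configurations ("Do I like
// C_H?"). A quote produced for an earlier nonce fails the first check.
func (v *Verifier) Verify(aik *rsa.PublicKey, nonce []byte, q *Quote) error {
	msg := sha256.Sum256(append(q.CS[:], nonce...))
	if err := rsa.VerifyPKCS1v15(aik, crypto.SHA256, msg[:], q.Sig); err != nil {
		return errors.New("invalid signature or nonce mismatch (replay?)")
	}
	if !v.trusted[q.CS] {
		return errors.New("configuration not in the verifier's trusted list")
	}
	return nil
}

func main() {
	good := []string{"BIOS 1.0", "TrustedGRUB 1.1", "kernel 2.6.17"} // constructed sample configuration
	host, verifier := NewAttestor(good), NewVerifier(good)
	n1 := verifier.Challenge()
	q := host.Attest(n1)
	fmt.Println("fresh quote:   ", verifier.Verify(host.AIKPublic(), n1, q))
	fmt.Println("replayed quote:", verifier.Verify(host.AIKPublic(), verifier.Challenge(), q))
}
```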

Security Architectures Based on Virtualization

Some Terms
o Compartment
  o A process logically isolated from other processes
o Configuration
  o Behavior of a state machine based on an initial state and I/O
  o e.g., represented by the hash value of the binary code
o Trusted Channel
  o A secure channel verifying the expected configuration of an endpoint compartment
  o e.g., verify the hash of the compartment against a reference value

Proposed Architecture
o Hardware: conventional hardware (CPU, devices) plus Trusted Computing (TC) technology (TPM, LaGrande, Presidio)
o Virtualization layer / Secure VMM (L4, Xen): isolation, IPC, hardware sharing, scheduling, ...
o Trusted Software Layer: Compartment Manager, Storage Manager, Attestation Manager, vTPM Manager, Secure GUI, ...
o Applications: Legacy OS (e.g., Linux) with its apps (existing OS, untrusted storage), and isolated compartments such as Grid Job, Online Banking, HDDEnc (security applications)

Virtualization Layer
o Provides an abstraction of underlying hardware
  o e.g., CPU, devices, interrupts
o Offers management primitives
  o Memory management, scheduling, IPC, hardware sharing, ...
o Access control policies for resources
o Examples
  o Based on microkernels (L4 family) [Liedke1996]
  o Based on hypervisors (Xen) [Barham et al 2003]

Trusted Software Layer
o Provides elementary security properties
  o Strong compartment isolation
  o Trusted channels
o Main services
  o Compartment Manager
  o Storage Manager
  o Attestation Manager
  o Trust Manager
  o vTPM Manager
  o Secure GUI

Trusted Software Layer Services
o Compartment Manager
  o Manages creation, updates, and deletion of compartments
o Storage Manager
  o Provides persistent storage while preserving integrity, confidentiality, freshness, ...
o Attestation Manager
  o Determines/attests the properties of local and remote compartments
  o Has access to the configuration of clients it is communicating to over a trusted channel

Application Layer
o Efficient migration of legacy software
o Isolation between applications of legacy services can be achieved by parallel instances of legacy OS
(Figure: Legacy OS (e.g., Linux) with its apps and untrusted storage, isolated from other apps.)

Job Migration in Data Center/Grid
o Request migration
o Establish trusted channel to destination node
o Transfer image and vTPM
o Update state of storage manager
o vTPM state must not be subject to modification, duplication or compromise
(Figure: user, local compartment with Grid job and vTPM, trusted channel to the remote compartment.)

Selected TC related Research Activities/Projects

Overview
o Trusted Virtual Domains (www.trl..com/projects/tvd/): partly supported by METI Japan
o Open Trusted Computing (OpenTC) (www.opentc.net): funded by the European Union
o European Multilaterally Secure Computing Base (www.emscb.org): partly funded by the German Government
o Trusted Mobile Computing (TRUCOM): partly funded by the German Government
o Trusted Embedded Computing (TECOM): European project, in evaluation phase

Open Trusted Computing
o Collaborative, academic/industrial research project co-funded by the European Commission
o 23 partners
  o Academic: Bochum University (security architecture), Cambridge University (XEN), Dresden (L4)
  o Industrial: AMD, HP, Infineon, IBM, SuSE/Novell
o Define and implement an open Trusted Computing framework
  o Consensus driven introduction of a transparent Trusted Computing framework and solutions
  o Providing choice between proprietary and non-proprietary solutions across different platform and OS types
  o Building on the cost-efficient widely deployed TPM and the new generation of x86 CPUs from Intel and AMD ([LaGrande2003], [Pacifica2005])
  o Wide distribution by SUSE as Open Source software, supporting Linux in particular

OpenTC Use Cases
o Trusted Virtual data center
  o Virtual customer infrastructure
  o Deployed on a smaller number of physical machines
o Personal Electronic Transaction
  o Based on the idea of colored computing (red for untrusted and green for trusted)
  o Trusted Virtual Machine
  o Initialization via Trusted GUI
  o Planned demo November 2006
o Corporate computing at home
  o Home PC
  o Virtual corporate PC (CPC)
  o Trusted computing to enable the corporation to trust the CPC

European Multilaterally Secure Computing Base (EMSCB) Project (www.emscb.org)
o European Multilaterally-Secure Computing Platform [SaStPo2004]
o Develop an open multilaterally-secure computing platform that is secure enough to allow new and innovative business models
o Based on
  o L4 (microkernel)
  o PERSEUS/Nizza ([Pfitzmann et al 2001] / [Haertig et al 2005])
o 7 partners from academia and industry
  o Academic: Bochum University (security architecture), Dresden University (L4 microkernel), Institute for Internet Security (Gelsenkirchen)
  o Industrial: Bosch/Blaupunkt, escrypt, Infineon, Sirrix, SAP

EMSCB Use Cases
o HDD-Encrypter (prototype available)
  o Secure booting
  o Isolated encryption keys
  o See also [Alkassar et al 2006]
o Secure VPN Module (prototype available)
  o Isolated certificates
  o Application attestation
  o See also [Alkassar et al 2006]
o Fair DRM Prototype (end of 2006)
  o Protection of digital content
  o Enforcement of pragmatic security policies
o Enterprise Rights Management (end of 2007)
  o Isolation of Linux compartments
  o Enforcement of different security policies
o Embedded DRM Viewer (end of 2007)
  o Navigation system in cars

Trusted Virtual Domains [Bussani et al 2005]
o Project: IBM Tokyo and METI
o Use case: system management in strategic outsourcing (data centers processing data of different customers)
o Containment: isolation of the computing entities used to perform a service regardless of the physical machine or network topology
o Simplifying management and providing explicit infrastructure-level integrity verification and trust guarantees by conveying the configuration of each entity within the domain to those entities (domains)

Reactions to Trusted Computing Group Approach

Concerns
o Since its announcement, TCG has been subject to much criticism or legal challenges [Ande2002, Ande2003, Cour2002]
o Much of the criticism is related to Microsoft's NGSCB [Microsoft2003a, Microsoft2003b, Microsoft2003c, Vista2006]
  o Several name changes from Palladium to NGSCB, Longhorn, Vista (leads to misunderstanding)
  o Bad publicity on rights to the name (see, e.g., [Lemo2003, Bech2003])
o Privacy violation (disclosing platform identity and configuration)
o Danger of restricting competition
  o Misuse of sealed storage capabilities to prevent other applications from accessing data, thus locking out alternative applications and inhibiting interoperation [Scho2003]
o Potential basis for DRM
o Less freedom (including of choice and user control)
o Confusing language: Trust, Control, Opt-in
o Core specifications unreadable

Legal Requirements on TC/TCG
o German Government requirements catalogue on TCG
o Electronic Frontier Foundation (EFF) [Scho2003]
o European Commission Article 29 (Data Protection Working Party) [EC2004]
o New Zealand Government's initiative [NZG2006]
  o Defines principles and policies for TC/DRM composed systems to ensure that the use of TC/DRM technologies does not adversely affect the integrity, availability and confidentiality of government-held information or related government systems
o Main common requests:
  o Assurance: no back doors
  o No collection of user profiles
  o User's privacy
  o Unrestricted user control (e.g., over keys and IT technology)
  o Transparency of certification
  o Option for transferring secrets between different machines
  o Functional separation of TPM and CPU / chipsets
  o Product discrimination

TC and Open Source
o Customer concerns
  o Important market segment of institutional and professional users
    o Government, public administration, financial, insurance, aerospace
  o Strict requirements (audit, compliance, 'state of the art' mechanisms)
  o OSS systems frequently used in security critical environments
  o Main reason: transparency, vendor-independence
  o "Will TC be supported for Open Source based solutions?"
o Concerns from parts of the OSS spectrum, typical reactions
  o TC could be "philosophically incompatible" with OSS
  o TC may put OSS at a disadvantage
  o TC may lead to customer lock-in
  o No alternative to using a particular piece of software
  o 'Treacherous Computing' (Stallman) has become an issue for GPLv3 [GPLv3]
  o Highly controversial debate: Stallman vs. Torvalds
  o As of Sep. 2006: Stallman vs. Linux kernel developer community
  o Might lead to a deep split in OSS communities & licensing models

Some Technical Challenges

Overview
o In this talk
  o TPM complexity, compliance and security
  o Attesting properties instead of integrity
  o Efficient maintenance
  o Malicious virtualization
o Others
  o Widespread commercial applications
  o Computing platforms with dynamic HW configuration
  o PKI problems
  o Formal models & methods

TPM Functionality and Complexity
o Specification very complex & complicated
  o Many commands (123) with many parameters (3 to 19)
  o Which functionalities (and commands) are really needed? In particular necessary from users' perspectives
o TPM Compliance and Security Test
  o Recent tests show the majority of TPMs are not compliant with the specification [Sadeghi et al 2006]
  o Some TPMs vulnerable to attacks due to weak implementations (e.g., dictionary attack, accessing keys without valid SRK authorization) [Sadeghi et al 2006]
  o Need new and efficient test strategies
o TPM Emulation
  o Based on existing functionalities (e.g., secure storage)
  o TPM Construction Kit
o Integration of TPM into CPU or chipset
  o Towards more security against hardware attacks (see also [KuScPr2005])
  o Engineering trade off between security and technical evaluation

TPM Functionality and Complexity: Command Structure and Relation
(Figure: TPM command structure and the relations between commands.)

Conceptual Problems of Attestation / Sealing I
o Observable
  o Verifier can obtain information about the remote platform configuration
o Discrimination
  o Sealing/attestation has the potential to exclude alternative software products/systems (e.g., Linux)
  o Sealing allows content providers to enforce usage of a specific platform configuration
  o Application vendors can exclude alternative software

Conceptual Problems of Attestation/Sealing II
o Inflexible
  o System update: sealed data is inaccessible after updating measured system components (e.g., patching the TCB)
  o Might affect: cryptographic keys for accessing networks, documents, media files, etc.
o Complexity and management
  o Vast number of different platform configurations (constantly growing through patches, compiler options and software versions)
  o This makes it hard to keep track of the "evolution of trustworthiness" of a given configuration

Property-Based Attestation (PBA) [SaSt2004]
o Property (informally) describes an aspect of the behaviour of the underlying object with respect to certain requirements (e.g., security-related), e.g.,
  o it has built-in measures conforming to the privacy laws
  o it provides Multi-Level Security (MLS)
  o its security was evaluated by a governmental organisation
o Verifier usually interested in whether the attested object provides the desired properties instead of a specific configuration
o Properties on different abstraction levels
o The choice of a correct or useful property set and its correct definition depends strongly on the underlying use case and its requirements

PBA: Possible Approaches [SaSt2004, Chen et al 2006]
o Delegation
  o Property attestor is trusted to derive properties
  o Another party has certified the presence of the desired properties
  o Obviously, this third party has to be trusted by both
o Code analysis
  o Property attestor directly analyses the code of the machine to derive properties (e.g., proof-carrying code [Necu2002] and semantic analysis [HaChFr2003])
  o In a machine model this means that the attestor compares the I/O behavior of M with that defined by the desired property P
o Code control
  o Property attestor proves that the enforced security policy ensures that a machine can only behave as expected
  o Example: reference monitor, and attesting both the OS and the enforced security policy (e.g., [MaSmBaSt2004] for SE Linux [LoSm2001])

6 1


Sealed Data & Hardware Migration
o Efficient recovery of sealed data when HW breaks?
o TPM maintenance procedure [TPM2005]
  o Process is optional
  o No information on whether the mechanism is implemented in any existing TPM
  o Works only for TPMs of the same vendor
  o Needs interaction with the vendor
    o Vendor out of business?
    o Price?

62


Platform Updates
o Requirements for a patched TCB
  o Availability: owner/user wants protected information to be accessible before and after the patch
  o Security: remote party wants the new platform configuration to adhere to the existing security policy
o Solution proposals [KuKoSaSt2005]
  o Software-supported
  o TPM-supported
  o Property-based sealing

63
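The three slides above (the sealed-data problem after a system update, the delegation form of property-based attestation, and property-based sealing as a way to keep data available across a patch) can be seen in one small model. The Python below is an added example, not code from the slides or from the cited papers. It assumes a toy TPM whose sealing is simulated with HMAC-derived keys and a one-time-pad style keystream, and a property certifier (the trusted third party of the delegation approach) whose signature is simulated with an HMAC instead of a public-key signature; the boot components, property names and the secret are constructed sample values.

```python
"""Configuration-based vs property-based sealing across a TCB patch (toy model)."""
import hashlib
import hmac
import secrets
from typing import Optional

PCR_INIT = b"\x00" * 32


def extend_pcr(pcr: bytes, component: bytes) -> bytes:
    # TPM-style extend: PCR_new = H(PCR_old || H(component))
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure_boot(components) -> bytes:
    # Measured boot: every component is extended into the same PCR in order
    pcr = PCR_INIT
    for c in components:
        pcr = extend_pcr(pcr, c)
    return pcr


def _keystream_xor(key: bytes, data: bytes) -> bytes:
    # Demo-only stream cipher: XOR with SHA-256(key || counter) blocks
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class SimTPM:
    """Toy TPM: the root key never leaves the chip; a blob can only be
    unsealed under the same binding value it was sealed to."""

    def __init__(self) -> None:
        self._srk = secrets.token_bytes(32)

    def seal(self, data: bytes, binding: bytes) -> dict:
        key = hmac.new(self._srk, binding, hashlib.sha256).digest()
        ct = _keystream_xor(key, data)
        tag = hmac.new(key, ct, hashlib.sha256).digest()
        return {"ct": ct, "tag": tag}

    def unseal(self, blob: dict, binding: bytes) -> Optional[bytes]:
        key = hmac.new(self._srk, binding, hashlib.sha256).digest()
        expected = hmac.new(key, blob["ct"], hashlib.sha256).digest()
        if not hmac.compare_digest(blob["tag"], expected):
            return None  # wrong binding (e.g., patched configuration)
        return _keystream_xor(key, blob["ct"])


class PropertyCertifier:
    """Trusted third party: certifies which properties a configuration provides.
    The 'signature' is an HMAC here (assumption of this toy model)."""

    def __init__(self) -> None:
        self._key = secrets.token_bytes(32)

    def _msg(self, pcr: bytes, props: frozenset) -> bytes:
        return pcr + b"|" + b";".join(sorted(props))

    def certify(self, pcr: bytes, props: frozenset) -> dict:
        sig = hmac.new(self._key, self._msg(pcr, props), hashlib.sha256).digest()
        return {"pcr": pcr, "props": props, "sig": sig}

    def verify(self, cert: dict) -> bool:
        sig = hmac.new(self._key, self._msg(cert["pcr"], cert["props"]), hashlib.sha256).digest()
        return hmac.compare_digest(cert["sig"], sig)


def property_binding(props: frozenset) -> bytes:
    # Blob is bound to a property set, not to a PCR value
    return b"PROP:" + b";".join(sorted(props))


def unseal_by_property(tpm: SimTPM, ca: PropertyCertifier, blob: dict,
                       required: frozenset, current_pcr: bytes, certs) -> Optional[bytes]:
    # Release only if a valid certificate says the *current* configuration
    # provides every required property
    for cert in certs:
        if cert["pcr"] == current_pcr and ca.verify(cert) and required <= cert["props"]:
            return tpm.unseal(blob, property_binding(required))
    return None


def demo() -> dict:
    tpm, ca = SimTPM(), PropertyCertifier()
    secret = b"network access key (constructed sample)"
    isolation = frozenset({b"isolation", b"MLS"})
    boot_v1 = [b"bootloader-1.0", b"kernel-2.6.17", b"policy-strict"]
    boot_v2 = [b"bootloader-1.0", b"kernel-2.6.18", b"policy-strict"]  # kernel patched
    pcr_v1, pcr_v2 = measure_boot(boot_v1), measure_boot(boot_v2)

    cfg_blob = tpm.seal(secret, pcr_v1)                      # sealed to configuration
    prop_blob = tpm.seal(secret, property_binding(isolation))  # sealed to property
    certs = [ca.certify(pcr_v1, isolation)]
    forged = {"pcr": pcr_v2, "props": isolation, "sig": b"\x00" * 32}

    r = {"config_before_patch": tpm.unseal(cfg_blob, pcr_v1) == secret,
         "config_after_patch": tpm.unseal(cfg_blob, pcr_v2) == secret,
         "property_before_patch": unseal_by_property(tpm, ca, prop_blob, isolation, pcr_v1, certs) == secret,
         "property_after_patch_uncertified": unseal_by_property(tpm, ca, prop_blob, isolation, pcr_v2, certs) == secret,
         "property_forged_cert": unseal_by_property(tpm, ca, prop_blob, isolation, pcr_v2, [forged]) == secret}
    certs.append(ca.certify(pcr_v2, isolation))  # certifier vouches for the patched TCB
    r["property_after_patch_certified"] = unseal_by_property(tpm, ca, prop_blob, isolation, pcr_v2, certs) == secret
    return r
```

The configuration-sealed blob becomes unreadable as soon as one measured component changes, which is the availability problem of the slide; the property-sealed blob stays readable once the certifier has vouched that the patched configuration still has the required properties, and a certificate for a configuration the certifier never signed is rejected. The trust moved from "this exact hash" to "this certifier", which is exactly the delegation trade-off noted on the PBA slides.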


Migration
o Requirements for TPM migration
  o Completeness: platform owners should be able to securely transfer the complete TPM state
  o Security:
    o Confidentiality of TPM data
    o The state of the source TPM should be cleared afterwards
    o Migration only if the destination TPM is at least as secure as the source TPM
  o Fairness: openly specified process
o Solution proposal [KuKoSaSt2005]
  o A migration protocol with the above properties
  o Delegate the decision to a trusted third party
  o No need for interaction with the vendor

64


Virtualization Attacks
o Virtual-machine based rootkits
  o e.g., Blue Pill [Rutk2006], [Ligu2006], [Ou2006] and SubVirt [King et al]
  o Compromise computing platforms
  o Malicious virtual machine monitors have full access to the internal state of Virtual Machines (VM), thus to all secrets
  o Virtualized operating system cannot always detect the existence of a malicious VMM
o Solution proposal
  o Trusted Computing can help to prevent virtualization attacks
  o e.g., using property-based attestation [SaSt2004]
  o but, is it essential?
  o Efficient and flexible solutions needed
  o Solutions must guarantee anti-discrimination

65


Secure Multiparty Computation
o Protocols will be more efficient; bounds will not change (see, e.g., [BeDoFe2006])
o Note that a TPM has limited functionality and resources

66


Summary and Conclusion
o Trusted Computing is an emerging technology (although competition on market segments has already started)
  o Still needs many improvements
  o It is not restricted to the TPM
  o Possible driving/pushing technology for secure operating systems?
o Long term solutions require international and joint efforts
  o Academia, governments and industry
  o Understanding TC and having impact
  o Establishing reasonable standards, and not only extending them with functionalities
  o Europe plays an important role (TPM manufacturing, research in TC)
o Careful deployment of TC
  o Provide the right environment
  o Protect end-user rights
  o No discrimination and space for innovation (small and mid-sized enterprises)
  o Not to forget our purpose (more security for IT systems)

67


References

[BeDoFe2006] Z. Benenson, M. Fort, F. C. Freiling, D. Kesdogan, L. Draque Penso: TrustedPals: Secure Multiparty Computation Implemented with Smart Cards. 11th European Symposium on Research in Computer Security (ESORICS 2006), Hamburg, Germany, September 2006.

[Chen et al 2006] L. Chen, R. Landfermann, H. Löhr, M. Rohe, A.-R. Sadeghi, C. Stüble: A Protocol for Property-Based Attestation. First ACM Workshop on Scalable Trusted Computing (STC'06), 2006.

[HaChFr2003] V. Haldar, D. Chandra, M. Franz: Semantic Remote Attestation: A Virtual Machine Directed Approach to Trusted Computing. USENIX Virtual Machine Research and Technology Symposium, May 2004. Also Technical Report No. 03-20, School of Information and Computer Science, University of California, Irvine, October 2003.

[King et al] S. T. King, P. M. Chen, Y.-M. Wang, C. Verbowski, H. J. Wang, J. R. Lorch: SubVirt: Implementing Malware with Virtual Machines. IEEE Symposium on Security and Privacy, May 2006.

[KuKoSaSt2005] U. Kühn, K. Kursawe, S. Lucks, A.-R. Sadeghi, C. Stüble: Secure Data Management in Trusted Computing. Cryptographic Hardware and Embedded Systems (CHES 2005), LNCS 3659, Springer, 2005.

[Ligu2006] A. Liguori: Debunking Blue Pill Myth. Blog post, August 2006.

[LoSm2001] P. Loscocco, S. Smalley: Integrating Flexible Support for Security Policies into the Linux Operating System. Technical report, U.S. National Security Agency (NSA), February 2001.

[MaSmBaSt2004] J. Marchesini, S. Smith, O. Wild, A. Barsamian, J. Stabiner: Open-source Applications of TCPA Hardware. 20th Annual Computer Security Applications Conference (ACSAC), ACM, December 2004.

[Necu2002] G. Necula: Proof-Carrying Code. 24th ACM Symposium on Principles of Programming Languages (POPL), Paris, France, January 1997, pages 106-119.

[Ou2006] G. Ou: Detecting the Blue Pill Hypervisor Rootkit Is Possible but Not Trivial. ZDNet blog, August 2006.

[Rutk2006] J. Rutkowska: Subverting Vista Kernel for Fun and Profit. Black Hat USA, July 2006.

[SaSt2004] A.-R. Sadeghi, C. Stüble: Property-based Attestation for Computing Platforms: Caring about Properties, not Mechanisms. New Security Paradigms Workshop (NSPW 2004); panel on themes and highlights presented at the 20th Annual Computer Security Applications Conference (ACSAC), December 2004.

[TPM2005] Trusted Computing Group: TCG TPM Specification Version 1.2, Revision 85, February 2005.