Type-safe, TPM Backed TLS

November 20, 2012

Kun Li, Michael Maass, and Mike Ralph

Contact: {kunli, mmaass, mralph}@andrew.cmu.edu
http://www.cs.cmu.edu/~mmaass/tpm_tls/milestone.html

1. Major Changes

While we have no significant changes to our project plan, it is clear at this point that we will not be meeting the 100% goal. We can still meet the 75% goal, which is enough to produce performance data to compare TLS backed by the TPM vs TLS without the TPM. As of now, it appears the TPM slows down TLS enough that only systems that prioritize security above every other criteria would want to back TLS with a TPM. Such systems would benefit from making use of more efficient hardware.

2. What We Have Accomplished So Far

Our accomplishments are summarized in our revised schedule in section 5. In short, we've successfully modified OpenJDK6 to make use of the TPM for key exchange in TLS, we've created a test harness to test our modified JDK, but we've made only minor progress towards implementing the symmetric key operations for our chosen ciphersuite (RSA/AES/CBC) via late launch.

3. Meeting Our Milestone

Our milestone has been met as it was defined in the proposal aside from the late launch aspect. We have a test harness that uses our modified JDK, our modified JDK uses the TPM in a typesafe manner for TLS key exchange, but we don't have PALs that calculate session keys and encrypt/decrypt data.

4. Surprises

While we have dealt with several very frustrating bugs such as OpenJDK6 not compiling from source releases, jTSS shipping with a version of commons logging that doesn't work with our modified JDK for reasons we can't explain, and ciphersuite compatibility issues, only two issues stand out as particularly surprising.

First of all, our group member who is responsible for PAL implementation had their laptop die at the beginning of development. This was a problem because late launch requires special hardware that isn't immediately accessible from lab machines, thus preventing further PAL development until the hardware was replaced. Unfortunately, integration between the PALs and modified JDK was counting on more than the minimum amount of work being done with respect to PALs before the milestone. As a result, it is unlikely we will be able to meet our 100% goal of integrating everything. This is fine because we can already see that a TPM backed implementation of TLS is painfully slow, and further integration would not be beneficial because our JDK is modified in a way we could not contribute to the Open Source community. Implementing a TPM backed implementation of TLS in a way that would have allowed this would have taken at least 6 months on graduate student schedules.

As of now, we have not successfully compiled Flicker and have therefore not late launched any code. We hope to overcome the compilation issue enough to at least determine approximately how much overhead late launch would add.

Second, we only learned after starting implementation that jTSS and keytool (from the JDK) don't support PKIs where the private key is stored in a TPM well enough to create an RSA key pair with a self-signed certificate. This is unfortunate because a signed x509 certificate is necessary in TLS to establish the identity of the server. We discovered that OpenSSL has a TPM engine that allows users to accomplish what we needed, so we used OpenSSL to establish the key pair and spent several days ensuring we could use the key pair with jTSS. This ended up allowing us to implement TLS key exchange using a TPM protected key pair. Installing and using OpenSSL and then setting up jTSS to use the key pair ultimately cost us considerably more time than we expected, but didn't hurt our ability to meet the deadline for this aspect of the project in the end.

5. Revised Schedule

Week Beginning	Plan
October 22	DONE: Organize team member responsibilities. Ensure all members are familiar with all project ideas. Read hardware/software documentation.
October 29	DONE: Perform a detailed inspection of Sun's SSL provider to determine what needs to change to meet the goal. ~~Install Flicker and use a simple PAL.~~ Plan experiments and design test harnesses.
November 5	DONE: Begin integrating jTSS into Sun's SSL provider. Plan ingress and egress routes for session key management and encryption/decryption. Have a simple test harness done that allows a client to connect to a server that is using the modified TLS library and PALs.
November 12	DONE: Finish integrating jTSS with Sun's SSL provider for asymmetric key management and begin using jTSS for private key operations. ~~Continue implementing symmetric operations as PALs.~~ Continue implementating test harnesses and instrumentation schemes.
November 19	DONE: Finish integrating jTSS with Sun's SSL provider for key management and private key operations. ~~Begin integrating modified SSL provider with PALs. Start integrating test harnesses with the modified SSL implementation + PALs.~~
November 26	Gather performance data and develop a simple PAL.
December 3	Complete PAL measurement, project writeup, and poster

6. Resources Needed

We will not need additional resources to complete this project. In addition to the resources we listed in the proposal, we have had to procure a new laptop, the latest version of Apache Commons Logging and Commons IO, and OpenSSL with the TPM engine.