'Trusted Network Connect' Puts Hardware Security Agent In Every PC

Three years after it was first announced, Trusted Network Connect (TNC) is finally here. Demonstrated for the first time at this year’s RSA Security show, the hardware-based security technology will eventually be used to ensure that client PCs comply with enterprise security polices – and perhaps by ISPs or Web sites to control their users’ choice of software.

The prototypes on display at RSA are intended for LANs, touted as a way to prevent spyware-infected or unpatched computers from connecting to an enterprise network. However, some members of the Trusted Computing Group (TCG), the industry alliance that developed the technology, are already saying that it be used on the wider Internet.

“A billion PC’s will have this capability in the next 5 – 7 years and it will be our primary way to authenticate to all services,” says Steven Sprague, CEO of Wave Systems, whose software is used in the RSA prototypes. “Any network administrator and any CTO at a service provider should be figuring out how to leverage this really low-cost, very secure technology.”

Like seemingly similar architectures already available from Cisco and others, TNC uses client-side agents to keep track of what software a PC is running. But it’s much more ambitious, for two reasons. First, TNC is a standard, which almost everyone in the computer industry has committed to support. Second, its agents have a hardware element, intended to make them invulnerable to software-based attacks.

TNC relies on several new components and technologies. The most important is the Trusted Platform Module (TPM), a PKI chip now included in most laptops and a growing proportion of desktops. (The RSA demo used laptops from Lenovo and Gateway, two TCG members that build a TPM into all their business PCs.) The chip is intended for both encryption and "attestation:" creating digitally-signed measurements of the PC’s hardware and software state.

Laptop users rarely switch on the TPM, because it isn’t supported by Windows XP. However, third-party software is already available from companies such as Wave, Softex and Cognizance, and OSes will soon support it natively. Microsoft plans to include TPM encryption support in Windows Vista, while IBM and Red Hat are building support into Linux.

The system at RSA uses Wave’s Embassy software to retrieve signed attestations from the TPM. Unlike measurements from the pure software agents used by Cisco’s Network Admission Control (NAC) and planned for Microsoft’s planned Network Access Protection (NAP), TPM attestations can’t be spoofed by an attacker or a virus. The private signing key never leaves the chip, so the only way to forge a TPM’s signature would be to physically hack the hardware.

Attestations are sent to an authentication database within the network, which checks the TPM’s measurements against a whitelist of allowed PC configurations. The TCG’s official setup at RSA does this on a server, running RADIUS software from Juniper subsidiary Funk, but the same functionality can be implemented anywhere in the network. TCG member Nevis Networks is using the show to launch a range of switches that can perform TNC authentication at the network edge, so that clients don’t even need to connect to a server.

Wherever authentication happens, TNC works in the same way: If the PC’s configuration isn’t on the list, it isn’t allowed into the network.

TNC looked good at RSA, but that doesn’t mean it will be practical in real networks. The requirement for client support could be a deal-breaker for many networks, at least initially. Most business LANs already include printers, for example, which don’t contain TPM chips and can’t run agent software. And the trend is for increasing device diversity, with networks needing to allow connections from simple VoIP phones or wireless gadgets.

The TCG’s long-term plan is for a TPM or something similar to be built into everything: It’s draft specifications so far cover cell phones, keyboards and even USB flash drives. But for the foreseeable future, networks that include anything except TPM-equipped PCs will need to allow connections without TNC authentication. That’s a potential security hole, as an attacker could just pretend to be a printer.

According to Nevis Networks, this isn’t a serious problem. “If you pretend to be a printer, we won’t let you do anything except print,” says Dominic Wilde, its director of product management. Similar restrictions can be placed on other devices: Pretend to be a phone, and an attacker won’t be able to do anything except make calls.

The practical problems grow as networks get larger: The more machines that connect, the more configurations have to be white-listed and the more holes need to be left open for non-TPM compliance. Any attempt by ISPs to require it might also fall foul of network neutrality rules, though last week’s Senate hearings focused mostly on ISPs restricting the network side of the link, not the customer side.

TPM hardware itself is rapidly becoming ubiquitous. “The TPM is standard across 100% of our product line,” says Clain Anderson, director of wireless and security at Lenovo. “We make a few low-end machines without them, but only for foreign governments that have their own specific requirements.” He cites China and Israel as examples.

Even these low-end machines aren’t without a security chip. “Lenovo ships a lot of PCs inside China with a Chinese government chip instead of the TPM,” he says. “We don’t know what it does.”

The obvious fear is that the chip gives the Chinese government the ability to access any encrypted communications, something that seems particularly sinister in light of the recent allegations that American technology companies (in particular Yahoo) have helped the Chinese government locate dissidents. But Anderson emphasizes that these machines are only sold within China. “They’re completely unsuitable for the American market,” he says.

Israel is more open about its objections to the TPM. “The Israelis don’t like RSA,” he says, referring to the algorithm that the chip uses to sign digital certificates, and named after the same people as the show was named for. “They think they have something better.”