This disclosure relates generally to the field of computer integrity verification.
Rootkits, Trojan horses, or other types of malicious code may compromise the operating system of a computer, thereby compromising the trustworthiness of all code running on the computer. To determine if a computer has been compromised, it is relevant to determine if the computer is booted with a verifiably sound and trustworthy operating system. Trusted Platform Module (TPM) technology (see https://www.trustedcomputinggroup.org/groups/tpm/ for more information on TPM) may be used for trust verification of a computer. TPM provides a secure hardware location on a computer that stores a measurement of all software that is executed by the computer during the boot process; the measurement may be used for integrity verification.
TPM is included in many computer platforms, including many brands of personal computers. A TPM enables integrity validation of code when the computer boots by performing hardware-protected measurement and attestation to a stored log. In hardware-protected measurement, the computer generates and securely stores a cryptographic hash value of all code involved in the boot process in the secure TPM storage. The computer then generates a log entry for the cryptographic hash value, and securely stores the log entry in the TPM. Attestation to the stored log occurs when, in response to a randomly generated challenge from an outside piece of hardware, the computer produces a signature from a log entry in the TPM that allows the outside piece of hardware to verify the log entry by comparing the log entry to hashes of known, trusted code. At computer startup, code on the computer, including but not limited to the basic input/output system (BIOS), the bootloader, the kernel, and any applications, is first loaded into memory, then measured, and then executed. The measurement of the code is stored in a log in the TPM. A piece of malicious code is unable to erase its associated log entry, as the log entry is stored in the secure TPM before the execution of the code starts.
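The measure-then-execute chain and the challenge-based attestation described above, as an added illustration that is not part of this disclosure: a Python model of the PCR extend operation, the boot log, a nonce-bound quote and a verifier that replays the log and checks it against known-trusted hashes. The boot stage images, the attestation key and the HMAC stand-in for the TPM's signature are constructed for the example; a real TPM signs the quote with an attestation key.

```python
import hashlib, hmac, os
PCR_INIT = bytes(32)  # PCR register starts at all zeros at reset

def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM extend operation: PCR_new = SHA-256(PCR_old || digest)."""
    return hashlib.sha256(pcr + digest).digest()

def measured_boot(stages):
    """Hash each stage, extend it into the PCR and log it before the stage would run."""
    pcr, log = PCR_INIT, []
    for name, code in stages:
        digest = hashlib.sha256(code).hexdigest()
        pcr = extend(pcr, bytes.fromhex(digest))
        log.append((name, digest))
    return pcr, log

def quote(pcr: bytes, nonce: bytes, key: bytes) -> bytes:
    """Stand-in for the TPM quote (a real TPM signs with an attestation key;
    a keyed MAC keeps this example self-contained)."""
    return hmac.new(key, pcr + nonce, hashlib.sha256).digest()

def verify(log, pcr, nonce, sig, key, known_good):
    """Verifier: check the quote, replay the log into the PCR, then check each entry."""
    if not hmac.compare_digest(quote(pcr, nonce, key), sig):
        return False, "bad signature or stale nonce"
    replayed = PCR_INIT
    for _, digest in log:
        replayed = extend(replayed, bytes.fromhex(digest))
    if replayed != pcr:
        return False, "log does not reproduce PCR"
    for name, digest in log:
        if known_good.get(name) != digest:
            return False, f"untrusted measurement for {name}"
    return True, "trusted boot"

# Constructed sample boot chains; the byte strings stand in for real code images.
CLEAN = [("BIOS", b"bios v1"), ("bootloader", b"grub 2.x"), ("kernel", b"vmlinuz 6.1")]
ROOTKIT = CLEAN[:2] + [("kernel", b"vmlinuz 6.1 + hooked syscalls")]
KEY = b"constructed-attestation-key"
KNOWN_GOOD = dict(measured_boot(CLEAN)[1])  # allow-list from a clean reference boot

def attest(stages, hide_last_entry=False):
    """One challenge/response round; hide_last_entry simulates code erasing its own log entry."""
    pcr, log = measured_boot(stages)
    if hide_last_entry:
        log = log[:-1]
    nonce = os.urandom(16)  # verifier's fresh random challenge
    return verify(log, pcr, nonce, quote(pcr, nonce, KEY), KEY, KNOWN_GOOD)
```

A modified kernel is caught by the allow-list comparison, and a log entry that is dropped after the measurement has been extended is caught because the replayed log no longer reproduces the PCR.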
To complete attestation, the TPM requires a separate, trusted host, known as a verifier, to issue a challenge and perform attestation, thereby determining if a given computer is booted with a trusted operating system. An owner of a personal computer may not have a separate host that may act as verifier. The benefits of TPM verification are not available to users that do not have a separate verifier computer.