Last month, the Japan Regional Forum held the ‘TCG’s Challenge for Next Generation Cyber Security’ open workshop. Aiming to enhance IT and cybersecurity literacy across Japan, participants were able to learn more about Roots-of-Trust (RoT) at the hardware level and how remote attestation can improve security across the cyberspace.

Trends in cybersecurity threats and JPCERT/CC approaches

With expanding IoT technologies, more and more software products are becoming connected to the internet. This has tangentially led to a rise in attacks that aim to exploit vulnerabilities in these products. Against this backdrop, attendees had the opportunity to hear from Mitsutaka Hori, a Threat Informational Analyst, Early Warning Group at the JPCERT/CC. Funded by METI, JPCERT/CC has been dedicated to promoting the improvement of security in Japan since 1995. For nearly 20 years, the organization has conducted various projects with the aim of enhancing cybersecurity measures while serving as a point of contact for operations and international collaborations.

The number of incidents reported to the JPCERT/CC continues to rise each year since 2020, with 30,000 incidents reported to them last year alone. Attacks such as BlackTech, LODEINFO, and Lazarus have all been active within Japan. Ransomware attacks are also being considered a growing threat to businesses across the country, but especially in the manufacturing industry which remains a target. Mitsutaka advised of the difficulties in investigating modern, complex attacks and the countermeasures JPCERT/CC are putting in place to mitigate potentially critical damage.

A framework for attestation

Trust and attestation are gaining popularity and importance for cloud, edge, and distributed computing. For attestation capabilities to become commonplace in these areas, interoperability is crucial; it can minimize costs and maximize reach. Though many standards are actively defining technologies, this does not mean interoperability is guaranteed.

Focusing on the key use cases for attestation (authentication, trustworthiness, integrity and posture assurance, and origin provenance), Attestation Work Group Chair Ned Smith provided an overview of both parts of TCG’s ‘Attestation Framework’, and his desire for consistent use of attestation terminology both within and outside the TCG. He also discussed how attestation concepts can be expanded to include the ever-evolving technologies required for trusted computing, including TPM, DICE, and MARS.  As part of his presentation, Ned shared an analysis of how the Internet Engineering Task Force (IETF) and TCG Attestation specifications can fit together, and it was clear that greater collaboration can raise greater awareness and use of attestation.

Remote attestation and platform certificates

In recent years, global supply chain risks have rapidly increased, with countermeasures now a necessity. This is why both the TCG and IETF have been developing international standards and guidelines to best address supply chain risks. Tsukasa Kobayashi, TCG-JRF member and Director of Technology Services, Software Division at NEC Corporation, delivered an insightful presentation on IETF’s RFC9334 Remote Attestation Procedures (RATS) and the TCG Platform Certificate. Both technologies are crucial to ensuring adequate supply chain security, especially in domains where this is essential: manufacturing, critical infrastructure, the public sector, and financial services.

During his session, Tsukasa provided a detailed explanation of how these technologies work and how they enable the verification of devices with hardware security functions found throughout a supply chain. For example, an explanation of how the Platform Certificate can mitigate any attempts to tamper with devices during shipment was laid out to the audience. Attendees also gained insight into the ongoing standardization attempts seen across the United States and Japan.

Overview of key TCG technologies for device identification and attestation

‘How do you know what software is actually running on a box?’

That was the problem statement put forward to attendees by Guy Federkow of TCG and Juniper Networks. Guy confirmed that while you can ask the device this question, it may not tell the truth. This highlighted the need for attestation, which can establish a chain of trust in which each link measures the next one before it proceeds.

Guy advised that a Root of Trust (RoT) can provide a known secure point within the chain. These can be carefully isolated from system and application software to ensure modification cannot take place and that devices will act in a predictable, expected manner. During the presentation, three main TCG RoT technologies were discussed: TPM, MARS, and DICE. With each of these technologies bringing their own benefits to the table, Guy advised how they can be used to complement one another to ensure key attestation functions such as Root of Trust for Measurement (measuring the first mutable code to start the attestation chain), Root of Trust for Storage (providing shielded locations for keys and measurements), and Root of Trust for Identity/Reporting (protecting a ‘difficult to hack’ identity for each device, such as a signed copy of the serial number).

Remote attestation at Google, and TCG’s PQC vision

The final speaker for the open workshop was Chris Fenner, Co-Chair of the TPM Work Group at TCG and a Software Engineer at Google. During his presentation, the need for ‘cryptographic evidence’ for remote attestation was raised: if a remote machine is compromised, there must be a verification method in which hackers cannot provide falsified responses.

However, the challenge in enabling this comes from scale. If a developer is responsible for 100 or even 1000 machines, all it takes is one compromization to bring the house down. To this end, Chris advised that Google is using attestation to get remote machines to verify each other during communications. If any of the connections fail and a compromised machine is uncovered, the rest of the machines will cut off contact. Discussions surrounding the input of verifier logic led Chris to advise that this can be combined with certification rotations. This means a device’s credentials are only provisioned once attested and sealed, which is known as implicit attestation.

Chris then asked attendees an important question: ‘Why care about Post Quantum Cryptography (PQC)?’ He identified that quantum computers will crack all kinds of security, including the ones considered ‘hard’ by cryptographers through the use of Shor’s and Grover’s algorithms. 33-54% of cryptographic experts now believe RSA-2048-scale quantum computers will be with us in 15 years’ time, so now is the time to prepare. In order to do this, Chris provided an overview of the new algorithms, such as LMS, XMSS, and SLH-DSA and how these may be used to protect users and their secrets.

Roundtable and demonstrations

All of our experts were then invited back on stage to take part in a fascinating roundtable. In Japan, while the concept of trust is well-known, attestation is not. In order to change this, the panel discussed the challenges of implementation, with scaling, availability, and the complexity of verification identified as key issues. They then focused on the need for interoperability and the standards that can enable this.

RoTs such as the TPM, MARS and DICE were highlighted as integral technologies, not just for today’s computing landscape but in the age of PQC. As TCG looks towards the next challenge in cybersecurity and as machines grow increasingly complicated, the panel agreed that fundamental trusted technologies must continue to be adopted across all industries.

Attendees were then able to see demonstrations from a number of industry titans, including NEC, during the evening reception. We’d like to thank all attendees for coming to the open workshop and invite anyone interested in hearing more from the TCG and the JRF to get in contact!