Next-Generation Secure Computing Base
The Next-Generation Secure Computing Base (NGSCB) (codenamed Palladium and also known as Trusted Windows) is a cancelled software architecture designed by Microsoft which aimed to provide users of the Windows operating system with better privacy, security, and system integrity. NGSCB was the result of years of research and development within Microsoft to create a secure computing solution that equaled the security of closed architecture platforms while simultaneously preserving the backward compatibility, openness, and flexibility of the Windows operating system. The primary stated objective with NGSCB was to "protect software from software."
Part of the Trustworthy Computing initiative when unveiled in 2002, NGSCB was expected to be integrated with the Windows Vista operating system, then known by its codename "Longhorn." NGSCB relied on hardware designed by members of the Trusted Computing Group to produce a parallel operation environment hosted by a new kernel called the "Nexus" that existed alongside Windows and provide new applications with features such as hardware-based process isolation, data encryption based on integrity measurements, authentication of a local or remote machine or software configuration, and encrypted paths for user authentication and graphics output. NGSCB would also facilitate the creation and distribution of rights management policies pertaining to the use of information.
The technology was the subject of much controversy during its development, with critics contending that it could be used to impose restrictions on users, enforce vendor lock-in, and undermine fair use rights and open-source software. NGSCB was first demonstrated by Microsoft in 2003 at the Windows Hardware Engineering Conference before undergoing a revision in 2004 that would enable applications written prior to its development to benefit from its functionality. In 2005, reports stated that Microsoft would scale back its plans so that the company could ship its Windows Vista operating system by its target date of 2006. Development of NGSCB spanned more than half a decade before its cancellation, one of the lengthiest development periods of a feature intended for Windows Vista.
While the technology has not fully materialized, aspects of NGSCB have emerged in Microsoft's BitLocker full disk encryption feature, which can optionally use the Trusted Platform Module to validate the integrity of boot and system files prior to operating system startup, the Measured Boot feature in Windows 8, and the certificate attestation features in Windows 8.1.
Architecture and technical details
A complete Microsoft-based Trusted Computing-enabled system will consist not only of software components developed by Microsoft but also of hardware components developed by the Trusted Computing Group. The majority of features introduced by NGSCB are heavily reliant on specialized hardware and so will not operate on PCs predating 2004.
In current Trusted Computing specifications, there are two hardware components: the Trusted Platform Module (TPM), which will provide secure storage of cryptographic keys and a secure cryptographic co-processor, and a curtained memory feature in the Central Processing Unit (CPU). In NGSCB, there are two software components, the Nexus, a security kernel that is part of the Operating System which provides a secure environment (Nexus mode) for trusted code to run in, and Nexus Computing Agents (NCAs), trusted modules which run in Nexus mode within NGSCB-enabled applications.
Secure storage and attestation
At the time of manufacture, a cryptographic key is generated and stored within the TPM. This key is never transmitted to any other component, and the TPM is designed in such a way that it is extremely difficult to retrieve the stored key by reverse engineering or any other method, even to the owner. Applications can pass data encrypted with this key to be decrypted by the TPM, but the TPM will only do so under certain strict conditions. Specifically, decrypted data will only ever be passed to authenticated, trusted applications, and will only ever be stored in curtained memory, making it inaccessible to other applications and the Operating System. Although the TPM can only store a single cryptographic key securely, secure storage of arbitrary data is by extension possible by encrypting the data such that it may only be decrypted using the securely stored key.
The TPM is also able to produce a cryptographic signature based on its hidden key. This signature may be verified by the user or by any third party, and so can therefore be used to provide remote attestation that the computer is in a secure state.
NGSCB also relies on a curtained memory feature provided by the CPU. Data within curtained memory can only be accessed by the application to which it belongs, and not by any other application or the Operating System. The attestation features of the TPM(Trusted Platform Module) can be used to confirm to a trusted application that it is genuinely running in curtained memory; it is therefore very difficult for anyone, including the owner, to trick a trusted application into running outside of curtained memory. This in turn makes reverse engineering of a trusted application extremely difficult.
NGSCB-enabled applications are to be split into two distinct parts, the NCA, a trusted module with access to a limited Application Programming Interface (API), and an untrusted portion, which has access to the full Windows API. Any code which deals with NGSCB functions must be located within the NCA.
The reason for this split is that the Windows API has developed over many years and is as a result extremely complex and difficult to audit for security bugs. To maximize security, trusted code is required to use a smaller, carefully audited API. Where security is not paramount, the full API is available.
One immediately notices the irony in the "extreme complexity and difficulty of audit" championed above. Department of Defense-sponsored computer security initiatives that began in the late 1970s recognized very early that, the more trustworthy a system, the more transparently engineered its trusted components must be. Extreme complexity stands in direct opposition to these requirements, as does inability fully to audit. Truly, one must even wonder about Microsoft's commitment and expertise when internal criticisms arise over "difficult[y] to audit for security bugs," since nowhere do any applicable criteria offer this raison d'etre to audit. Rather, audit is intended to capture all security-relevant operations transacted by the system; the very statement that concern arises because "security bugs will be difficult to audit," or some such, reflects a very tortured understanding of the purpose of audit and of the stricture with which the descriptor "secure" (in actuality, the descriptor "trusted") is assigned. Read another way, this concern seems to say, "This system can't be called secure, since the audit isn't comprehensive enough to capture evidence of the known (viz., a priori) security bugs."
NGSCB is meant as an implementation of Trusted Computing, its potential uses are therefore similar. Proponents claim that TC will make computers safer, less prone to viruses and malware, and thus more reliable from an end-user perspective. In addition, they also claim that Trusted Computing will allow computers and servers to offer improved computer security over that which is currently available.
Digital Rights Management
By utilizing the attestation, curtained memory and cryptographic features of the TPM, a secure form of Digital Rights Management (DRM) may be developed; critics charge that although it does not provide DRM features itself, DRM is nevertheless the primary motivation for the development of NGSCB.
DRM would be implemented by encrypting DRM-protected files and only making the decryption key available to corporate trusted applications. A wide range of copy-protection and similar features could thereby be implemented, limited only by the imagination. For example, it would be possible to create a file that can only be read on one computer, or within one organization, or a file that can only be opened for reading three times. While any DRM-protected file could be just as easily copied or read as an unprotected file, it would be extremely difficult to decrypt the file at an unauthorized destination, rendering it useless.
In corporate and educational networking environments, a desirable feature of NGSCB is the ability of each workstation to securely attest that no unauthorized modifications have been made either to its hardware or software. A workstation that is unable to authenticate itself can then be automatically denied access to some or all network services at will.
NGSCB and Trusted Computing can be used to intentionally and arbitrarily lock certain users out from use of certain files, products and services, for example to lock out users of a competing product, potentially leading to severe vendor lock-in. This is analogous to, but worse than, a contemporary problem in which many businesses feel compelled to purchase and use Microsoft Word in order to be compatible with associates who use that software. Today this problem is partially solved by products such as OpenOffice.org which provide limited compatibility with Microsoft Office file formats. Under NGSCB, if Microsoft Word were to encrypt documents it produced, no other application would be able to decrypt them, regardless of its ability to read the underlying file format.
NGSCB and Trusted Computing are ineffectual at solving the majority of contemporary security problems, for example computer viruses and trojans. Despite this fact, Microsoft has in the past claimed that NGSCB was necessary to combat the threat of future virus outbreaks against Microsoft Windows users. Microsoft is no longer making claims that NGSCB will solve these virus problems.
"There's a lot of good stuff in Pd, and a lot I like about it. There's also a lot I don't like, and am scared of. My fear is that Pd will lead us down a road where our computers are no longer our computers, but are instead owned by a variety of factions and companies all looking for a piece of our wallet. To the extent that Pd facilitates that reality, it's bad for society. I don't mind companies selling, renting, or licensing things to me, but the loss of the power, reach, and flexibility of the computer is too great a price to pay."
In an article in 2003, D. Boneh and D. Brumley indicated that NGSCB was vulnerable to timing attack.
When originally announced, NGSCB was expected to be part of the then next major version of the Windows Operating System, Windows Vista (then known as Longhorn). However, in May 2004, Microsoft was reported to have shelved the NGSCB project. This was quickly denied by Microsoft who released a press release stating that they were instead "revisiting" their plans. The majority of features of NGSCB are now not expected to be available until well after the release of Windows Vista. However, Vista includes "BitLocker", which can make use of a Trusted Platform Module chip to facilitate secure startup and full-drive encryption. TPMs are already integrated in many systems using Intel's Core 2 Duo processors or AMD's Athlon 64 processors using the AM2 socket.
History of the name
Microsoft originally publicized the NGSCB technology under the code name Palladium, which was the word for a mythical talisman that guaranteed the security of Troy. Its working title was "Next-Generation Secure Computing Base," much as .NET's working title was "Next-Generation Windows Services." In early 2006, Microsoft renamed the NGSCB team at Microsoft to the System Integrity Team.
- Levy, Steven (24 June 2002). "The Big Secret". Newsweek. Retrieved January 30, 2015.
- Microsoft. "Privacy, Security, and Content in Windows Platforms" (PPT). Retrieved January 30, 2015.
- Microsoft. "Shared Source Initiative Home Page". Retrieved January 30, 2015.
- Aday, Michael. "Palladium" (PDF). Microsoft. Retrieved January 30, 2015.
- Fried, Ina (September 8, 2004). "Controversial Microsoft plan heads for Longhorn". CNET. CBS Interactive. Retrieved January 30, 2015.
- Kaplan, Keith; Cram, Ellen (2003). "Next-Generation Secure Computing Base - Overview and Drilldown" (PPT). Microsoft. Retrieved January 30, 2015.
- Microsoft. "Next-Generation Secure Computing Base - Technical FAQ". Retrieved February 16, 2015.
- "A Review of Microsoft Technology for 2003, Preview for 2004". Microsoft. December 15, 2003. Retrieved January 30, 2015.
- Evers, Joris (May 5, 2004). "WinHEC: Microsoft revisits NGSCB security plan". Network World. IDG. Retrieved January 30, 2015.
- Sanders, Tom (April 26, 2005). "Longhorn security gets its teeth kicked out". Incisive Media. Retrieved January 30, 2015.
- "Microsoft: Palladium is still alive and kicking". eWeek. QuinStreet. May 5, 2004. Retrieved January 30, 2015.
- Microsoft. "Secured Boot and Measured Boot: Hardening Early Boot Components against Malware" (DOCX). MSDN. Retrieved January 30, 2015.
- Microsoft (July 24, 2013). "What's Changed in Security Technologies in Windows 8.1". MSDN. Retrieved March 6, 2015.
- "MS blames PC architecture for viruses". Retrieved 2007-05-24.
- "Microsoft Next-Generation Secure Computing Base - Technical FAQ". Retrieved 2007-05-24.
- Crypto-Gram Newsletter August 15, 2002
- "Boneh Publications: Remote timing attacks are practical". Retrieved 2014-09-22.
- "Microsoft Shelves NGSCB Project As NX Moves To Center Stage". Archived from the original on 2007-03-11. Retrieved 2007-05-24.
- "Microsoft: 'Palladium' Is Still Alive and Kicking". Retrieved 2007-05-24.
- Microsoft's NGSCB home page
- Trusted Computing Group home page
- System Integrity Team blog — team blog for NGSCB technologies
- Security WMI Providers Reference on MSDN, including BitLocker Drive Encryption and Trusted Platform Module (both components of NGSCB)
- TPM Base Services on MSDN
- Microsoft's "Digital Rights Management Operating System" patent
- Development Considerations for Nexus Computing Agents