AWS recently announced the general availability of UEFI Secure Boot and of NitroTPM, a virtual TPM for EC2 instances built on the AWS Nitro System. The new features are designed for boot-process validation, key protection and digital rights management.
Presented for the first time at re:Invent, NitroTPM introduces measured boot, a process in which the bootloader and operating system compute a cryptographic hash of every boot binary and fold each hash into the previous values, so the final measurement depends on every stage and its order. The feature can be used to prove the integrity of the instance's boot software to remote entities, enabling remote attestation.
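To make the extend chain concrete, here is an added Python example (not AWS or NitroTPM code) that simulates measured boot and the verifier's replay of the measurement log. It assumes a SHA-256 PCR bank that starts zeroed at reset and leaves out the TPM-signed quote that a real attestation exchange would carry; the boot components are constructed stand-ins for real binaries.

```python
import hashlib
from typing import Iterable, List, Tuple

HASH = hashlib.sha256
PCR_INIT = b"\x00" * 32  # assumption: a resettable PCR in the SHA-256 bank starts as all zeros


def measure(component: bytes) -> bytes:
    """Digest of one boot component (bootloader, kernel, kernel command line, ...)."""
    return HASH(component).digest()


def extend(pcr: bytes, digest: bytes) -> bytes:
    """PCR extend: new PCR = H(old PCR || digest). One-way and order-sensitive, so no
    stage can set the register to an arbitrary value or undo an earlier measurement."""
    return HASH(pcr + digest).digest()


def boot(components: List[bytes]) -> Tuple[bytes, List[bytes]]:
    """Simulate measured boot: each stage measures the next, extends the PCR and logs the digest."""
    pcr, log = PCR_INIT, []
    for component in components:
        digest = measure(component)
        log.append(digest)
        pcr = extend(pcr, digest)
    return pcr, log


def replay_log(event_log: Iterable[bytes]) -> bytes:
    """Verifier side: recompute the PCR value that the reported event log implies."""
    pcr = PCR_INIT
    for digest in event_log:
        pcr = extend(pcr, digest)
    return pcr


def attest(quoted_pcr: bytes, event_log: List[bytes], golden_pcr: bytes) -> bool:
    """Accept only if the log replays to the quoted PCR and that PCR equals the known-good value."""
    return replay_log(event_log) == quoted_pcr and quoted_pcr == golden_pcr


# Constructed sample boot chain; GOLDEN_PCR is what the verifier recorded for a known-good image.
GOOD_CHAIN = [b"shim-bootloader-v1", b"grub-v2.06", b"vmlinuz-5.15", b"cmdline: root=/dev/nvme0n1p1"]
GOLDEN_PCR, _ = boot(GOOD_CHAIN)

if __name__ == "__main__":
    print("good boot attested:", attest(*boot(GOOD_CHAIN), GOLDEN_PCR))
    tampered = GOOD_CHAIN[:2] + [b"vmlinuz-5.15-modified"] + GOOD_CHAIN[3:]
    print("tampered boot attested:", attest(*boot(tampered), GOLDEN_PCR))
```

Swapping the order of two components also yields a different final PCR, which is why the verifier compares against a golden value for the exact expected chain.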
Developed to provide hardware-based security functions, trusted platform modules (TPMs) can generate, securely store, and control the use of encryption keys, credentials, and other secret data. Sébastien Stormacq, principal developer advocate at AWS, explains:
You can use NitroTPM to store secrets, such as disk encryption keys or SSH keys, outside of the EC2 instance memory, protecting them from applications running on the instance. NitroTPM leverages the isolation and security properties of the Nitro System to ensure only the instance can access these secrets. It provides the same functions as a physical or discrete TPM. NitroTPM follows the ISO TPM 2.0 specification, allowing you to migrate existing on-premises workloads that leverage TPMs to EC2.
Kuniyasu Suzaki, senior researcher at the Cyber Physical Security Research Center of AIST, asks:
It sounds nice, but I wonder if I can "take ownership" of the TPM? It means that the TPM is owned by me and not shared by other persons.
The Unified Extensible Firmware Interface (UEFI) Secure Boot prevents unauthorized modification of the instance boot flow, ensuring that the instance only boots software signed with cryptographic keys stored in the signature database of the UEFI non-volatile variable store.
Besides NitroTPM, the AWS Nitro System includes Nitro Cards, a family of cards that offload and accelerate I/O functions; the Nitro Security Chip; the Nitro Hypervisor, a lightweight hypervisor that manages memory and CPU allocation; and Nitro Enclaves, which create isolated compute environments to further protect and securely process highly sensitive data.
Currently only Intel and AMD instance types that support UEFI boot mode are supported. Graviton1, Graviton2, Xen-based, Mac, and bare-metal instances are not supported, a limitation that raised some concerns in the community.
Stormacq explains why BitLocker volume encryption keys are a natural first use case for the virtual TPM:
BitLocker automatically detects and uses NitroTPM when available. There is no extra configuration step beyond what you do today to install and configure BitLocker. Upon installation, BitLocker recognizes the TPM module and starts to use it automatically.
NitroTPM and UEFI Secure Boot are available in all AWS regions except those in China. There is no additional cost for using the new features.