Andrew Lee-Thorp (2010) Attestation in Trusted Computing: Challenges and Potential Solutions.
Full text access: Open
This report examines the state of play in TCG attestation. It asks the question: how practical is the attestation specification and does it meet the needs of designs that propose to take advantage of trusted computing functionality? It is shown that, broadly speaking, both specification and implementation falls short of its stated goals. Application designs expect different semantics. Straightforward application of attestation to a running system does not provide adequate assurance nor does it scale. It is argued that extending the TCG architecture and reworking application designs are the most viable routes to making attestation a practical proposition.
This is a Published version This version's date is: 31/03/2010 This item is peer reviewed
https://repository.royalholloway.ac.uk/items/49558ca0-a73b-9550-886b-214165f08563/1/
Deposited by () on 23-Jun-2010 in Royal Holloway Research Online.Last modified on 15-Dec-2010
[1] Four grand challenges in trustworthy computing: Second in a series of conferences on grandresearch challenges in computer science and engineering. Technical report, ComputingResearch Association, November 2003.
[2] Masoom Alam, Xinwen Zhang, Mohammad Nauman, Tamleek Ali, and Jean-Pierre Seifert.Model-based behavioral attestation. In SACMAT ’08: Proceedings of the 13th ACM symposiumon Access control models and technologies, New York, NY, USA, 2008. ACM.
[3] W. A. Arbaugh, D. J. Farber, and J.M. Smith. A secure and reliable bootstrap architecture.In SP ’97: Proceedings of the 1997 IEEE Symposium on Security and Privacy, Washington,DC, USA, 1997. IEEE Computer Society.
[4] ARM. TrustZone Technology Overview. http://www.arm.com/products/security/trustzone/,February 2009.
[5] Boris Balacheff, Liqun Chen, Siani Pearson, David Plaquin, and Graham Proudler. TrustedComputing Platforms: TCPA Technology in Context. Prentice Hall PTR, Upper SaddleRiver, NJ, USA, 2003.
[6] Shane Balfe, Eimear Gallery, Chris J Mitchell, and Kenneth G. Paterson. Challenges forTrusted Computing. Technical Report RHUL-MA-2008-14, Department of Mathematics,Royal Holloway, University of London, 2008.
[7] Shane Balfe and Kenneth G. Paterson. e-EMV: emulating EMV for internet paymentswith trusted computing technologies. In STC ’08: Proceedings of the 3rd ACM workshopon Scalable trusted computing, New York, NY, USA, 2008. ACM.
[8] Endre Bangerter, Maksim Djackov, and Ahmad-Reza Sadeghi. A demonstrative ad hocattestation system. In ISC ’08: Proceedings of the 11th international conference on InformationSecurity, Berlin, Heidelberg, 2008. Springer-Verlag.
[9] Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer,Ian Pratt, and Andrew Warfield. Xen and the art of virtualization. In SOSP ’03:Proceedings of the nineteenth ACM symposium on Operating systems principles, New York,NY, USA, 2003. ACM.
[10] Stefan Berger, Ram´on C´aceres, Kenneth A. Goldman, Ronald Perez, Reiner Sailer, andLeendert van Doorn. vTPM: virtualizing the trusted platform module. In USENIX-SS’06:Proceedings of the 15th conference on USENIX Security Symposium, Berkeley, CA, USA,2006. USENIX Association.
[11] Matt Bishop. Computer Security: Art and Science. Addison-Wesley Professional, 2002.
[12] Sergey Bratus, Nihal D’Cunha, Evan Sparks, and Sean W. Smith. TOCTOU, Traps,and Trusted Computing. In Trust ’08: Proceedings of the 1st international conferenceon Trusted Computing and Trust in Information Technologies, Berlin, Heidelberg, 2008.Springer-Verlag.
[13] Ernie Brickell, Jan Camenisch, and Liqun Chen. Direct Anonymous Attestation. TechnicalReport HPL-2004-93, HP Labs, 2004.
[14] Ernie Brickell, Jan Camenisch, and Liqun Chen. The DAA scheme in context. In Chris JMitchell, editor, Trusted Computing, number 6 in IEE Professional Applications of ComputingSeries, chapter 5. The Institute of Electrical Engineers, London, UK, 2005.
[15] David Challener, Kent Yoder, Ryan Catherman, David Safford, and Leendert Van Doorn.A Practical Guide to Trusted Computing. IBM Press, December 2007.
[16] Liqun Chen, Rainer Landfermann, Hans L¨ohr, Markus Rohe, Ahmad-Reza Sadeghi, andChristian St¨uble. A protocol for property-based attestation. In STC ’06: Proceedings ofthe first ACM workshop on Scalable trusted computing, New York, NY, USA, 2006. ACM.
[17] Liqun Chen, Hans L¨ohr, Mark Manulis, and Ahmad-Reza Sadeghi. Property-Based Attestationwithout a Trusted Third Party. In ISC ’08: Proceedings of the 11th internationalconference on Information Security, Berlin, Heidelberg, 2008. Springer-Verlag.
[18] Alexander W Dent and Geraint Price. Certificate management using distributed trustedthird parties. In Chris J Mitchell, editor, Trusted Computing, number 6 in IEE ProfessionalApplications of Computing Series, chapter 9. The Institute of Electrical Engineers, London,UK, 2005.
[19] Edsger W. Dijkstra. The structure of the “THE”-multiprogramming system. Commun.ACM, 11(5), 1968.
[20] D. Dolev and A. C. Yao. On the security of public key protocols. In SFCS ’81: Proceedingsof the 22nd Annual Symposium on Foundations of Computer Science, Washington, DC,USA, 1981. IEEE Computer Society.
[21] Mark Dowd. Application-Specific Attacks: Leveraging the ActionScript Virtual Machine,April 2008.
[22] Paul England. Practical Techniques for Operating System Attestation. In Peter Lipp,Ahmad-Reza Sadeghi, and Klaus-Michael Koch, editors, Trust ’08: Proceedings of the 1stinternational conference on Trusted Computing and Trust in Information Technologies,Berlin, Heidelberg, 2008. Springer-Verlag.
[23] Paul England, Butler Lampson, John Manferdelli, Marcus Peinado, and Bryan Willman.A Trusted Open Platform. Computer, 36(7), 2003.
[24] Sebastian Gajek, Ahmad-Reza Sadeghi, Christian Stuble, and Marcel Winandy. CompartmentedSecurity for Browsers - Or How to Thwart a Phisher with Trusted Computing.In ARES ’07: Proceedings of the The Second International Conference on Availability,Reliability and Security, Washington, DC, USA, 2007. IEEE Computer Society.
[25] Eimear Gallery. An overview of trusted computing technology. In Chris Mitchell, editor,Trusted Computing (Professional Applications of Computing) (Professional Applications ofComputing), chapter 3. IEEE Press, Piscataway, NJ, USA, 2005.
[26] Eimear Gallery. Secure delivery of conditional access applications to mobile receivers.In Chris Mitchell, editor, Trusted Computing (Professional Applications of Computing)(Professional Applications of Computing), chapter 7. IEEE Press, Piscataway, NJ, USA,2005.
[27] Eimear Gallery. Authorisation Issues for Mobile Code in Mobile Systems. Technical ReportRHUL-MA-2007-3, Department of Mathematics, Royal Holloway, University of London,May 2007.[28] Tal Garfinkel, Ben Pfaff, Jim Chow, Mendel Rosenblum, and Dan Boneh. Flexible OSsupport and applications for Trusted Computing. In Klaus-Michael Koch Peter Lipp,Ahmad-Reza Sadeghi, editor, Proceedings of the 9th Workshop TODO, 2003.
[29] Tal Garfinkel, Ben Pfaff, Jim Chow, Mendel Rosenblum, and Dan Boneh. Terra: a virtualmachine-based platform for trusted computing. In SOSP ’03: Proceedings of the nineteenthACM symposium on Operating systems principles, New York, NY, USA, 2003. ACM.
[30] Dieter Gollmann. Computer Security. John Wiley and Sons, Chichester, UK, 2nd edition,2005.
[31] Susan Graham, Peter Kessler, and Marshall McKusick. gprof: a Call Graph ExecutionProfiler. In Proceedings of the 1982 SIGPLAN symposium on Compiler construction, 6.ACM SIGPLAN Notices, June 1982.
[32] Trusted Computing Group. PC Client Specific Implementation Specification For ConventionalBIOS Version 1.2, July 2005.
[33] Trusted Computing Group. TCG Generic Server Specification Version 1.0 Revsion 0.8,March 2005.
[34] Trusted Computing Group. TCG Infrastructure Workgroup Subject Key Attestation EvidenceExtension, 1.0 edition, June 2005.
[35] Trusted Computing Group. TCG Software Stack (TSS) Specification Version 1.2, January2006.
[36] Trusted Computing Group. TPM Main Part 3 Commands Specification Version 1.2 Level2 Revision 103, October 2006.
[37] Trusted Computing Group. TCG Software Stack (TSS) Specification Version 1.2, Level 1,Errata A. Part1: Commands and Structures, March 2007.
[38] Trusted Computing Group. TCG Specification Architecture Overview Specification Revision1.4, August 2007.
[39] Trusted Computing Group. TCG Mobile Trusted Module Specification Version 1.0, June2008.
[40] Trusted Computing Group. TCG Trusted Network Connect TNC Architecture for InteroperabilityVersion 1.3 Revision 6, April 2008.
[41] Vivek Haldar, Deepak Chandra, and Michael Franz. Semantic remote attestation: a virtualmachine directed approach to trusted computing. In VM’04: Proceedings of the 3rdconference on Virtual Machine Research And Technology Symposium, Berkeley, CA, USA,2004. USENIX Association.
[42] Amir Herzberg. Why Johnny can’t surf (safely)? Attacks and defenses for web users.Computers and Security, 28(1–2), February 2009.
[43] Intel. Intel trusted execution technology architectural overview. Technical report, Intel,http://www.intel.com/technology/security, February 2009.
[44] ISO. Information technology - Open Systems Interconnection – Basic Reference Model –Part2: Security Architecture, 1989. ISO 7498-2.
[45] ISO/IEC. Information technology - Open Systems Interconnection – Basic Reference Model:The Basic Model. International Organization for Standardization (ISO). ISO/IEC 7498-1.
[46] ISO/IEC. Information technology – Security techniques – Encryption algorithms – Part 2:Asymmetric ciphers. International Standards Organisation, 2006. ISO/IEC 18033-2:2006.
[47] Naomaru Itoi, William A. Arbaugh, Samuela J. Pollack, and Daniel M. Reeves. Personalsecure booting. In Proceedings of ACISP 2001, Sydney. Springer-Verlag, 2001.
[48] Trent Jaeger, Reiner Sailer, and Umesh Shankar. PRIMA: policy-reduced integrity measurementarchitecture. In SACMAT ’06: Proceedings of the eleventh ACM symposium onAccess control models and technologies, New York, NY, USA, 2006. ACM.
[49] Bernhard Jansen, HariGovind V Ramasamy, and Matthias Schunter. Flexible IntegrityProtection and Verification Architecture for Virtual Machine Monitors. In The SecondWorkshop on Advances in Trusted Computing (WATC ’06 Fall). IBM, November 2006.
[50] Yasuharu Katsuno, Yuji Watanabe, Sachiko Yoshihama, Takuya Mishina, and MichiharuKudoh. Layering negotiations for flexible attestation. In STC ’06: Proceedings of the firstACM workshop on Scalable trusted computing, New York, NY, USA, 2006. ACM.
[51] Bernhard Kauer. Oslo: improving the security of trusted computing. In SS’07: Proceedingsof 16th USENIX Security Symposium on USENIX Security Symposium, Berkeley, CA,USA, 2007. USENIX Association.
[52] Rick Kennell and Leah H. Jamieson. Establishing the genuinity of remote computer systems.In SSYM’03: Proceedings of the 12th conference on USENIX Security Symposium,Berkeley, CA, USA, 2003. USENIX Association.
[53] Ulrich K¨uhn, Marcel Selhorst, and Christian St¨uble. Realizing property-based attestationand sealing with commonly available hardware and software. In STC ’07: Proceedings ofthe 2007 ACM workshop on Scalable trusted computing, New York, NY, USA, 2007. ACM.
[54] Klaus Kursawe. The future of trusted computing: an outlook. In Chris J Mitchell, editor,Trusted Computing, number 6 in IEE Professional Applications of Computing Series,chapter 11. The Institute of Electrical Engineers, London, UK, 2005.
[55] Klaus Kursawe, Dries Schellekens, and Bart Preneel. Analyzing trusted platform communication.In In: ECRYPT Workshop, CRASH - CRyptographic Advances in SecureHardware, 2005.
[56] Adrian Leung, Liqun Chen, and Chris J. Mitchell. On a Possible Privacy Flaw in DirectAnonymous Attestation (DAA). In Trust ’08: Proceedings of the 1st international conferenceon Trusted Computing and Trust in Information Technologies, Berlin, Heidelberg,2008. Springer-Verlag.
[57] Shiqun Li, Shane Balfe, Jianying Zhou, and Kefei Chen. Enforcing Trust in PervasiveComputing with Trusted Computing Technology, volume 4347/2006 of Lecture Notes inComputer Science. Springer Berlin / Heidelberg, January 2007.
[58] Hiroshi Maruyama, Frank Seliger, Nataraj Nagaratnam, Tim Ebringer, Seji Munetho,Sachiko Yoshihama, and Taiga Nakamura. Trusted Platform on demand (TPod). TechnicalReport RT 0564, IBM Research Tokyo, 2004.
[59] Jonathan M. McCune, Adrian Perrig, Arvind Seshadri, and Leendert van Doorn. Turtlesall the way down: Research challenges in user-based attestation. In Proceedings of theWorkshop on Hot Topics in Security (HotSec), August 2007.
[60] Chris J Mitchell. What is trusted computing? In Chris J Mitchell, editor, Trusted Computing,number 6 in IEE Professional Applications of Computing Series, chapter 1. TheInstitute of Electrical Engineers, London, UK, 2005.
[61] Nicholas Nethercote and Julian Seward. Valgrind: a framework for heavyweight dynamicbinary instrumentation. In PLDI ’07: Proceedings of the 2007 ACM SIGPLAN conferenceon Programming language design and implementation, New York, NY, USA, 2007. ACM.
[62] Andreas Pashalidis and Chris J Mitchell. Single Sign-On using TCG-conformant platforms.In Chris J Mitchell, editor, Trusted Computing, number 6 in IEE Professional Applicationsof Computing Series, chapter 6. The Institute of Electrical Engineers, London, UK, 2005.
[63] Marcus Peinado, Paul England, and Yuqun Chen. An Overview of NGSCB. In Chris JMitchell, editor, Trusted Computing, number 6 in IEE Professional Applications of ComputingSeries, chapter 4. The Institute of Electrical Engineers, London, UK, 2005.
[64] Nick L. Petroni, Jr., Timothy Fraser, Jesus Molina, and William A. Arbaugh. Copilot - acoprocessor-based kernel runtime integrity monitor. In SSYM’04: Proceedings of the 13thconference on USENIX Security Symposium, Berkeley, CA, USA, 2004. USENIX Association.
[65] Jonathan Poritz, Matthias Schunter, Els Van Herreweghen, , and Michael Waidner. PropertyAttestation : Scalable and Privacy-friendly Security Assessment of Peer Computers.Technical Report RZ 3548 (99559) 05-10-04, IBM Research GmbH, Zurich Research Laboratory,8803 Ruschlikon, Switzerland, 2004.
[66] Graham J Proudler. Concepts of trusted computing. In Chris J Mitchell, editor, TrustedComputing, number 6 in IEE Professional Applications of Computing Series, chapter 2.The Institute of Electrical Engineers, London, UK, 2005.
[67] Naren Ramakrishnan, Benjamin J. Keller, Batul J. Mirza, Ananth Y. Grama, and GeorgeKarypis. Privacy Risks in Recommender Systems. IEEE Internet Computing, 5(6), 2001.
[68] Kumar Ranganathan. Trustworthy Pervasive Computing: The Hard Security Problems. InPERCOMW ’04: Proceedings of the Second IEEE Annual Conference on Pervasive Computingand Communications Workshops, Washington, DC, USA, 2004. IEEE ComputerSociety.
[69] Ronald L. Rivest, Adi Shamir, and Yael Tauman. How to leak a secret. In Proceedings of the7th International Conference on the Theory and Application of Cryptology and InformationSecurity: Advances in Cryptology. Springer-Verlag, 2001.
[70] Carsten Rudolph. Covert Identity Information in Direct Anonymous Attestation (DAA).In Hein S. Venter, Mariki M. Eloff, Les Labuschagne, Jan H. P. Eloff, and Rossouw vonSolms, editors, SEC, volume 232 of IFIP. Springer, 2007.
[71] Ahmad-Reza Sadeghi, Christian St¨uble, and Marcel Winandy. Property-Based TPM Virtualization.In ISC ’08: Proceedings of the 11th international conferenceon InformationSecurity, Berlin, Heidelberg, 2008. Springer-Verlag.
[72] Sadeghi, Ahmad-Reza and St¨uble, Christian. Property-based attestation for computingplatforms: caring about properties, not mechanisms. In NSPW ’04: Proceedings of the2004 workshop on New security paradigms, New York, NY, USA, 2004. ACM.
[73] Reiner Sailer, Xiaolan Zhang, Trent Jaeger, and Leendert van Doorn. Design and implementationof a TCG-based integrity measurement architecture. In SSYM’04: Proceedingsof the 13th conference on USENIX Security Symposium, Berkeley, CA, USA, 2004. USENIXAssociation.
[74] Dries Schellekens, Brecht Wyseur, and Bart Preneel. Remote attestation on legacy operatingsystems with trusted platform modules. Sci. Comput. Program., 74(1-2), 2008.
[75] Arvind Seshadri, Mark Luk, Elaine Shi, Adrian Perrig, Leendert van Doorn, and PradeepKhosla. Pioneer: verifying code integrity and enforcing untampered code execution onlegacy systems. In SOSP ’05: Proceedings of the twentieth ACM symposium on Operatingsystems principles, New York, NY, USA, 2005. ACM Press.
[76] Arvind Seshadri, Adrian Perrig, Leendert Van Doorn, and Pradeep Khosla. SWATT:Software-based attestation for embedded devices. In Proceedings of the IEEE Symposiumon Security and Privacy, 2004.
[77] Elaine Shi, Adrian Perrig, and Leendert van Doorn. BIND: A Fine-grained AttestationService for Secure Distributed Systems. In IEEE Symposium on Security and Privacy,2005.
[78] Sean W. Smith. Outbound Authentication for Programmable Secure Coprocessors. InESORICS ’02: Proceedings of the 7th European Symposium on Research in ComputerSecurity, London, UK, 2002. Springer-Verlag.
[79] Sean W. Smith. Trusted Computing Platforms: Design and Applications. Springer-VerlagNew York, Inc., Secaucus, NJ, USA, 2004.
[80] Evan R. Sparks. A Security Assessment of Trusted Platform Modules. Technical ReportTR2007-597, Dartmouth College, Computer Science, Hanover, NH, June 2007.
[81] Geoffrey Strongin. Trusted computing using AMD Pacifica and Presidio secure virtualmachine technology. Information Security Technical Report, 10, 2005.
[82] Frederic Stumpf, Omid Tafreschi, Patrick Roder, and Claudia Eckert. Robust IntegrityReporting Protocol for Remote Attestation. In Proceedings of the Second Workshop onAdvances in Trusted Computing (WATC’06 Fall), 2006.
[83] Stumpf, Frederic, Fuchs, Andreas, Katzenbeisser, Stefan, and Eckert, Claudia. Improvingthe scalability of platform attestation. In STC ’08: Proceedings of the 3rd ACM workshopon Scalable trusted computing, New York, NY, USA, 2008. ACM.
[84] Frank Swiderski and Window Snyder. Threat Modeling. Microsoft Press, June 2004.
[85] Mark Weiser. Some computer science issues in ubiquitous computing. SIGMOBILE Mob.Comput. Commun. Rev., 3(3), 1999.