Skip to main content
SpringerLink
Log in

A Demonstrative Ad Hoc Attestation System

  • Conference paper
Book cover Information Security (ISC 2008)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 5222))

Included in the following conference series:

Abstract

Given the growing number and increasingly criminally motivated attacks on computing platforms, the ability to assert the integrity of platform becomes indispensable. The trusted computing community has come up with various remote attestation protocols that allow to assert the integrity of a remote platform over a network.

A related problem is that of ad hoc attestation, where a user walks up to a computing platform and wants to find out whether that platform in front of her is in a trustworthy state or not. ad hoc attestation is considered to be an open problem, and some very recent publications have outlined a number of open challenges in this field. Major challenges are (i) the security against platform in the middle attacks (ii) viable choice of the device used to perform attestation, and (iii) the manageability of integrity measurements on that device.

In this paper we describe a concrete implementation of an ad hoc attestation system that resolves these challenges. Most importantly, our system offers a novel and very intuitive user experience. In fact, from a user perspective, ad hoc attestation using our solution roughly consists of initiating the process on the target platform and then holding a security token to the screen of the target platform. The outcome of the ad hoc attestation (i.e., whether the platform is trustworthy or not) is then shown on the token’s display. This usage paradigm, which we refer to as demonstrative ad hoc attestation, is based on a novel security token technology, which we have used. We believe that our system has the potential to be evolved into a system for real world usage.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Abadi, M., Burrows, M., Kaufman, C., Lampson, B.: Authentication and delegation with smart-cards. In: TACS 1991: Selected papers of the conference on Theoretical aspects of computer software, Netherlands, pp. 93–113. Elsevier Science Publishers, Amsterdam (1993)

    Google Scholar 

  2. Asokan, N., Debar, H., Steiner, M., Waidner, M.: Authenticating public terminals. Comput. Networks 31(9), 861–870 (1999)

    Article  Google Scholar 

  3. Arm secure core processor family, http://www.arm.com/products/cpus/families/securcorefamily.html

  4. Axsionics homepage, http://www.axsionics.com/

  5. Boneh, D., Jackson, C., Mitchell, J.C.: Transaction generators: Rootkits for the web. In: Proceedings of the Workshop on Hot Topics in Security (HotSec) (2007)

    Google Scholar 

  6. Cheng, K.S.C.Y., Yunus, J.: Authentication public terminals with smart cards. In: TENCON 2000, 24-27 September 2000, vol. 1, pp. 527–530 (2000)

    Google Scholar 

  7. Stewart, P., Balfanz, D., Smetters, D.K., Chi, H.: Talking to strangers: Authentication in ad-hoc wireless networks. In: Symposium on Network and Distributed Systems Security (NDSS 2002) (2002)

    Google Scholar 

  8. Catherman, R., Safford, D., van Doorn, L., Challener, D., Yoder, K.: A Practical Guide to Trusted Computing. IBM Press (2007)

    Google Scholar 

  9. Drimer, S., Murdoch, S.J.: Keep your enemies close: Distance bounding against smartcard relay attacks. In: USENIX Security Symposium (August 2007)

    Google Scholar 

  10. Perrig, A., Shi, E., van Doorn, L.: Bind: A time-of-use attestation service for secure distributed systems. In: Proceedings of IEEE Symposium on Security and Privacy (May 2005)

    Google Scholar 

  11. Röder, P., Stumpf, F., Tafreschi, O., Eckert, C.: A robust integrity reporting protocol for remote attestation. In: Proceedings of the Second Workshop on Advances in Trusted Computing (WATC 2006 Fall) (December 2006)

    Google Scholar 

  12. Goldman, K., Perez, R., Sailer, R.: Linking remote attestation to secure tunnel endpoints. In: STC 2006: Proceedings of the first ACM workshop on Scalable trusted computing, pp. 21–24. ACM, New York (2006)

    Chapter  Google Scholar 

  13. Grawrock, D.: The Intel Safer Computing Initiative. Intel Press (2006)

    Google Scholar 

  14. Gasmi, Y., Sadeghi, A.-R., Stewin, P., Unger, M., Asokan, N.: Beyond secure channels. In: STC 2007: Proceedings of the 2007 ACM workshop on Scalable trusted computing, pp. 30–40. ACM, New York (2007)

    Chapter  Google Scholar 

  15. http://trustedjava.sourceforge.net/

  16. Krebs,B.: Banks: Losses from computer intrusions up in (2007)

    Google Scholar 

  17. Mitchell, C. (ed.): Trusted Computing. The Institution of Electrical Engineers (2005)

    Google Scholar 

  18. McCune, J.M., Perrig, A., Reiter, M.K.: Seeing-is-believing: Using camera phones for human-verifiable authentication. In: SP 2005: Proceedings of the 2005 IEEE Symposium on Security and Privacy, pp. 110–124. IEEE Computer Society, Washington (2005)

    Google Scholar 

  19. McCune, J.M., Perrig, A., Seshadri, A., van Doorn, L.: Turtles all the way down: Research challenges in user-based attestation. In: Proceedings of the Workshop on Hot Topics in Security (HotSec) (2007)

    Google Scholar 

  20. Open Trusted Computing, http://www.opentc.net

  21. Pearson, S. (ed.): Trusted Computing Platforms: TCPA Technology in Context. Prentice Hall, Englewood Cliffs (2003)

    Google Scholar 

  22. Ranganathan, K.: Trustworthy pervasive computing: The hard security problems. In: PERCOMW 2004: Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops, p. 117. IEEE Computer Society, Washington (2004)

    Chapter  Google Scholar 

  23. Jaeger, T., van Doorn, L., Sailer, R., Zhang, X.: Design and implementation of a tcg-based integrity measurement architecture. In: SSYM 2004: Proceedings of the 13th conference on USENIX Security Symposium. USENIX Association, Berkeley (2004)

    Google Scholar 

  24. Stajano, F., Anderson, R.J.: The resurrecting duckling: Security issues for ad-hoc wireless networks. In: Proceedings of the 7th International Workshop on Security Protocols, London, UK, pp. 172–194. Springer, Heidelberg (1999)

    Google Scholar 

  25. Berger, S., Sailer, R., van Doorn, L., Zhang, X., Garriss, S., Caceres, R.: Towards trustworthy kiosk computing. In: Proc. of 8th IEEE Workshop on Mobile Computing Systems and Applications (HotMobile) (February 2007)

    Google Scholar 

  26. Sadeghi, A.-R., Stüble, C.: Property-based attestation for computing platforms: caring about properties, not mechanisms. In: NSPW 2004: Proceedings of the 2004 workshop on New security paradigms, pp. 67–77. ACM, New York (2004)

    Google Scholar 

  27. Sadeghi, A.R., Stüble, C.: Towards Multilaterally Secure Computing Platforms - With Open Source and Trusted Computing. Elesevier 10, 83–95 (2005)

    Google Scholar 

  28. Shapiro, J.S., Vanderburgh, J., Northup, E., Chizmadia, D.: Design of the eros trusted window system. In: SSYM 2004: Proceedings of the 13th conference on USENIX Security Symposium, p. 12. USENIX Association, Berkeley (2004)

    Google Scholar 

  29. Trusted Computing Group (TCG). About the TCG, http://www.trustedcomputinggroup.org/about/

  30. Trusted Computing Group (TCG). TSS specifications, https://www.trustedcomputinggroup.org/groups/software/

  31. Trusted Computing Group. TCG Architecture Overview (April 2004)

    Google Scholar 

  32. Trusted Computing Group (TCG). TPM Main Specification 1.2, Rev. 85 (February 2005), https://www.trustedcomputinggroup.org/groups/tpm/

  33. Turaya OS homepage, http://www.emscb.com/content/pages/turaya.htm

Download references

Author information

Authors and Affiliations

  1. Bern University of Applied Sciences, Switzerland

    Endre Bangerter & Maksim Djackov

  2. University of Bochum, Germany

    Ahmad-Reza Sadeghi

Authors
  1. Endre Bangerter
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Maksim Djackov
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ahmad-Reza Sadeghi
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Tzong-Chen Wu Chin-Laung Lei Vincent Rijmen Der-Tsai Lee

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Bangerter, E., Djackov, M., Sadeghi, AR. (2008). A Demonstrative Ad Hoc Attestation System. In: Wu, TC., Lei, CL., Rijmen, V., Lee, DT. (eds) Information Security. ISC 2008. Lecture Notes in Computer Science, vol 5222. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-85886-7_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-85886-7_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-85884-3

  • Online ISBN: 978-3-540-85886-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation