Skip to main content
SpringerLink
Log in

Group-Based Attestation: Enhancing Privacy and Management in Remote Attestation

  • Conference paper
Book cover Trust and Trustworthy Computing (Trust 2010)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6101))

Included in the following conference series:

Abstract

One of the central aims of Trusted Computing is to provide the ability to attest that a remote platform is in a certain trustworthy state. While in principle this functionality can be achieved by the remote attestation process as standardized by the Trusted Computing Group, privacy and scalability problems make it difficult to realize in practice: In particular, the use of the SHA-1 hash to measure system components requires maintenance of a large set of hashes of presumably trustworthy software; furthermore, during attestation, the full configuration of the platform is revealed. In this paper we show how chameleon hashes allow to mitigate of these two problems. By using a prototypical implementation we furthermore show that the approach is feasible in practice.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Brickell, E., Camenisch, J., Chen, L.: Direct Anonymous Attestation. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, Washington DC, USA, pp. 132–145. ACM, New York (2004)

    Chapter  Google Scholar 

  2. Sailer, R., Zhang, X., Jaeger, T., van Doorn, L.: Design and implementation of a TCG-based integrity measurement architecture. In: 13th USENIX Security Symposium, San Diego, CA, USA, August 2004, USENIX Association (2004)

    Google Scholar 

  3. Lyle, J., Martin, A.: On the feasibility of remote attestation for web services. In: 2009 International Conference on Computational Science and Engineering, Vancouver, BC, Canada, pp. 283–288 (2009)

    Google Scholar 

  4. Sadeghi, A., Stüble, C.: Property-based attestation for computing platforms: caring about properties, not mechanisms. In: Proceedings of the 2004 Workshop on New Security Paradigms, Nova Scotia, Canada, pp. 67–77. ACM, New York (2004)

    Google Scholar 

  5. England, P.: Practical techniques for operating system attestation. In: Lipp, P., Sadeghi, A.-R., Koch, K.-M. (eds.) Trust 2008. LNCS, vol. 4968, pp. 1–13. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  6. Krawczyk, H., Rabin, T.: Chameleon hashing and signatures. In: Proceedings of the Network and Distributed System Security Symposium, pp. 143–154. The Internet Society, San Diego (2000)

    Google Scholar 

  7. Ateniese, G., de Medeiros, B.: On the key exposure problem in chameleon hashes. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 165–179. Springer, Heidelberg (2005)

    Google Scholar 

  8. Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257–265. Springer, Heidelberg (1991)

    Google Scholar 

  9. Bellare, M., Micciancio, D., Warinschi, B.: Foundations of group signatures: Formal definitions, simplified requirements, and a construction based on general assumptions. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, p. 644. Springer, Heidelberg (2003)

    Google Scholar 

  10. Brickell, E., Li, J.: Enhanced privacy ID: a direct anonymous attestation scheme with enhanced revocation capabilities. In: Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society, Alexandria, Virginia, USA, pp. 21–30. ACM, New York (2007)

    Chapter  Google Scholar 

  11. Chen, X., Feng, D.: A new direct anonymous attestation scheme from bilinear maps. In: International Conference for Young Computer Scientists, pp. 2308–2313. IEEE Computer Society, Los Alamitos (2008)

    Chapter  Google Scholar 

  12. Kühn, U., Selhorst, M., Stüble, C.: Realizing property-based attestation and sealing with commonly available hard- and software. In: STC 2007: Proceedings of the 2007 ACM Workshop on Scalable Trusted Computing, pp. 50–57. ACM, New York (2007)

    Chapter  Google Scholar 

  13. Haldar, V., Chandra, D., Franz, M.: Semantic remote attestation: a virtual machine directed approach to trusted computing. In: Proceedings of the 3rd Conference on Virtual Machine Research And Technology Symposium, San Jose, California, vol. 3, p. 3. USENIX Association (2004)

    Google Scholar 

  14. Yoshihama, S., Ebringer, T., Nakamura, M., Munetoh, S., Maruyama, H.: WS-Attestation: efficient and Fine-Grained remote attestation on web services. In: Proceedings of the IEEE International Conference on Web Services, pp. 743–750. IEEE Computer Society, Los Alamitos (2005)

    Chapter  Google Scholar 

  15. Alam, M., Nauman, M., Zhang, X., Ali, T., Hung, P.C.: Behavioral attestation for business processes. In: IEEE International Conference on Web Services, pp. 343–350. IEEE Computer Society, Los Alamitos (2009)

    Chapter  Google Scholar 

  16. Boneh, D., Boyen, X., Shacham, H.: Short group signatures. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 41–55. Springer, Heidelberg (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Center for Advanced Security Research Darmstadt - CASED, Technische Universität Darmstadt, Mornewegstraße 32, 64293, Darmstadt, Germany

    Sami Alsouri, Özgür Dagdelen & Stefan Katzenbeisser

Authors
  1. Sami Alsouri
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Özgür Dagdelen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Stefan Katzenbeisser
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Heinz College, Carnegie Mellon University, 5000 Forbes Avenue, HBH 2105C, 15213, Pittsburgh, PA, USA

    Alessandro Acquisti

  2. Department of Computer Science, 6211 Sudikoff Laboratory, Dartmouth College, 03755-3510, Hanover, NH, USA

    Sean W. Smith

  3. System Security Lab, Ruhr University Bochum, Universitätsstr. 150, 44780, Bochum, Germany

    Ahmad-Reza Sadeghi

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Alsouri, S., Dagdelen, Ö., Katzenbeisser, S. (2010). Group-Based Attestation: Enhancing Privacy and Management in Remote Attestation. In: Acquisti, A., Smith, S.W., Sadeghi, AR. (eds) Trust and Trustworthy Computing. Trust 2010. Lecture Notes in Computer Science, vol 6101. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13869-0_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-13869-0_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-13868-3

  • Online ISBN: 978-3-642-13869-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation