ReDABLS: Revisiting Device Attestation with Bounded Leakage of Secrets

  • Conference paper
Security Protocols XXI (Security Protocols 2013)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 8263)

Abstract

Many commodity operating systems and applications become infested with malicious software over time, primarily due to exploits that take advantage of software flaws and operator errors. In this paper, we present the salient features of a system design which allows remote-device authentication by a verifier, reaching malware-free memory states, and trusted application booting in the presence of malicious software that is controlled by a network adversary. Our system design revisits the notion of device attestation with bounded leakage of secrets (DABLS), and illustrates both the significant challenges of making it work in practice and how to overcome them.

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Zhao, J., Gligor, V., Perrig, A., Newsome, J. (2013). ReDABLS: Revisiting Device Attestation with Bounded Leakage of Secrets. In: Christianson, B., Malcolm, J., Stajano, F., Anderson, J., Bonneau, J. (eds) Security Protocols XXI. Security Protocols 2013. Lecture Notes in Computer Science, vol 8263. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41717-7_12

  • DOI: https://doi.org/10.1007/978-3-642-41717-7_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-41716-0

  • Online ISBN: 978-3-642-41717-7

  • eBook Packages: Computer Science, Computer Science (R0)
