Abstract
This paper presents a new method to enhance the trust of traditional computing device by using the popular mobile phone. We first propose a formal method to analyze the platform trust establishment process based on trusted computing technology, and the formal results reveal possible attack and suggest potential solutions. Then, we design an improved solution, in which the mobile phone is extended to support three trusted computing functions: using mobile phone as a root of trust instead of Trusted Platform Module, as a local investigator to obtain evidences from the local computing platform, and as a trusted agent to build a secure communication channel with an external entity in the remote attestation applications. Finally, to describe the feasibility and efficiency, a prototype of the trusted mobile phone is implemented and evaluated based on an ARM development board.
Similar content being viewed by others
Notes
The host for the chip is IBM ThinkCentre M52 81114, and the TPM chip conforms to the TPM 1.2 standard of TCG.
The host for the chip is Lenovo ThinkCentre M4000t, and the TCM chip conforms to the TCM specification of State Cryptography Administration.
References
Trusted Computing Group. (2011). TPM main specification level 2 version 1.2, revision 116.
Ryan, Mark. (2009). Introduction to the TPM 1.2. DRAFT of March 24.
Parno, B., McCune, J. M., & Perrig, A. (2010). Bootstrapping trust in commodity computers. In Proceedings of the IEEE symposium on security and privacy (pp. 414–429).
Parno, B. (2012). Trust extension for commodity computers. Journal of Communications of the ACM, 55, 76–85.
Hein, D. M., Toegl, R., Pirker, M., Gatial, E., Balogh, Z., Brandl, H., & Hluchy, L. (2012). Securing mobile agents for crisis management support. In Proceedings of the seventh ACM workshop on Scalable trusted computing.
McCune, J. M., Perrig, A., Seshadri, A., & van Doorn, L. (2007). Turtles all the way down: Research challenges in user-based attestation. In Proceedings of the 2nd USENIX workshop on Hot Topics in Security. USENIX.
Feng, W., Qin, Y., & Feng, D. G., et al. (2013). Mobile trusted agent (MTA): Build user-based trust for general-purpose computer platform. In Proceedings of network and system security. Berlin, Heidelberg: Springer.
Zhang, D., Han, Z., & Yan, G. (2010). A portable TPM based on USB key. In Proceedings of the 17th ACM conference on computer and communications security (pp. 750–752).
Dietrich, K., & Winter, J. (2009). Implementation aspects of mobile and embedded trusted computing. In Proceedings of the 2nd international conference on trusted computing. Berlin, Heidelberg: Springer.
Winter, J. (2008). Trusted computing building blocks for embedded linux-based ARM trustzone platforms. In Proceedings of the 3rd ACM workshop on scalable trusted computing (pp. 21–30).
ARM Limited. (2009). ARM security technology: Building a secure system using trustzone technology. ARM Technical White Paper.
Dietrich, K. (2007). An integrated architecture for trusted computing for java enabled embedded devices. In Proceedings of the 2007 ACM workshop on Scalable trusted computing (pp. 2–6).
Feng, W., Feng, D. G., & Wei, G., et al. (2013). TEEM: A user-oriented trusted mobile device for multi-platform security applications. In Proceedings of trust and trustworthy computing. Berlin, Heidelberg: Springer.
State Cryptography Administration. (2007). Functionality and interface specification of cryptographic support platform for trusted computing (in Chinese)
Microsoft Corporation. (2009). User Guide for COFEE v1.1.2. September.
TCG Trusted Network Connect. (2009). TNC architecture for interoperability, version 1.4, revision 4.
Bryan, P. (2008). Bootstrapping trust in a “trusted” platform. In Proceedings of the 3rd USENIX workshop on hot topics in security. USENIX.
Sparks, E. R. (2007). A security assessment of trusted platform modules. Technical Report TR2007-597, Dartmouth College.
Datta, A., Franklin, J., Garg, D., & Kaynar, D. (2009). A logic of secure systems and its application to trusted computing. In Proceedings of the 30th IEEE symposium on security and privacy (pp. 221–236).
Toegl, R., & Hutter, Michael. (2011). An approach to introducing locality in remote attestation using near field communications. The Journal of Supercomputing, 55(2), 207–227.
Vasudevan, A., Owusu, E., Zhou, Z., Newsome, J., & McCune, J. M. (2012). Trustworthy execution on mobile devices: What security properties can my mobile platform give me?. In Proceedings of trust and trustworthy computing. Berlin, Heidelberg: Springer.
Chen, L. (2009). SP 800-108—Recommendation for key derivation using pseudorandom functions (Revised). Technical Report, National Institute of Standards & Technology, Gaithersburg, MD. ACM. https://dl.acm.org/citation.cfm?id=2206195.
Yao, F. F., & Yin, Y. L. (2005). Design and analysis of password-based key derivation functions. In A. Menezes (Ed.), Proceedings of the 2005 international conference on Topics in Cryptology (pp. 245-261). Berlin, Heidelberg: Springer.
Trusted Computing Group. (2013). Trusted platform module library: part 1–part 4. Family 2.0, Level 00 Revision 00.96.
Real210. (2011). http://www.realarm.cn/pic/?78_490.html.
Open Virtualization. http://www.openvirtualization.org/.
Strasser, M. (2014). TPM emulator. http://tpm-emulator.berlios.de.
Software TPM Introduction (IBM). http://ibmswtpm.sourceforge.net.
Intel. Mobile Platform Vision Guide (2002)
Nepal, S., Zic, J., Liu, D., & Jang, J. (2010). Trusted computing platform in your pocket. In Proceedings of the 2010 IEEE/IFIP international conference on embedded and ubiquitous computing (pp. 812–817).
Moreland, D., Nepal, S., Hwang, H., & Zic, J. (2010). A snapshot of trusted personal devices applicable to transaction processing. Journal of Personal and Ubiquitous Computing, 14(4), 347–361.
TCG Mobile Phone Working Group. (2010). TCG mobile trusted module specification. Version 1.0, Revision 7.02.
Ekberg, J.-E., & Bugiel, S. (2009). Trust in a small package: minimized MRTM software implementation for mobile secure environments. In Proceedings of the 2009 ACM workshop on scalable trusted computing (pp. 9–18).
Aaraj, N., Raghunathan, A., & Jha, N. K. (2008). Analysis and design of a hardware/software trusted platform module for embedded systems. ACM Transactions on Embedded Computing Systems, 8(1), 1–31.
Aaraj, N., Raghunathan, A., Ravi, S., & Jha, A. K. (2007). Energy and execution time analysis of a software-based trusted platform module. In Proceedings of the conference on design, automation and test in Europe. IEEE.
Winkler, T., & Rinner, B. (2011). Securing embedded smart cameras with trusted computing. EURASIP Journal on Wireless Communications and Networking,. https://doi.org/10.1155/2011/530354.
Santos, N., Raj, H., Saroiu, S., & Wolman, A. (2011). Trusted language runtime (TLR): enabling trusted applications on smartphones. In Proceedings of the 12th workshop on mobile computing systems and applications. ACM.
Mannan, M., Kim, B. H., Ganjali, A., & Lie, D. (2011). Unicorn: Two-factor attestation for data security. In Proceedings of the ACM conference on computer and communications security (pp. 17–28). New York, NY, USA.
Millen, J., Guttman, J., Ramsdell, J., Sheehy, J., Sniffen, B. (2007). Analysis of a measured launch. The MITRE corporation.
Ramsdell, J. D., Guttman, J. D., Millen, J. K., & O’Hanlon, B. (2009). An analysis of the CAVES attestation protocol using CPSA. Mitre Technical Report.
Coker, G., & Guttman, J. (2011). Principles of remote attestation. International Journal of Information Security, 10(2), 63–81.
Eichhorn, I., Koeberl, P., & van der Leest, V. (2011). Logically reconfigurable PUFs: Memory-based secure key storage. In Proceedings of the sixth ACM workshop on Scalable trusted computing (pp. 59–64). ACM, New York, NY, USA.
Acknowledgements
The research presented in this paper is supported by the National Basic Research Program of China (No. 2013CB338003) and National Natural Science Foundation of China (Nos. 61602455, 91118006 and 61202414). We would also like to thank the anonymous reviewers for their helpful comments to improve the paper.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Feng, W., Qin, Y. & Feng, D. Using mobile phones to enhance computing platform trust. Telecommun Syst 69, 187–205 (2018). https://doi.org/10.1007/s11235-018-0456-y
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11235-018-0456-y