skip to main content
10.1145/1179474.1179479acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
Article

A protocol for property-based attestation

Published: 03 November 2006 Publication History

Abstract

The Trusted Computing Group (TCG) has issued several specifications to enhance the architecture of common computing platforms by means of new functionalities, amongst others the (binary) attestation to verify the integrity of a (remote) computing platform/application. However, as pointed out recently, the binary attestation has some shortcomings, in particular when used for applications: First, it reveals information about the configuration of a platform (hardware and software) or application. This can be misused to discriminate certain configurations (e.g., operating systems) and the corresponding vendors, or be exploited to mount attacks. Second, it requires the verifier to know all possible ``trusted'' configurations of all platforms as well as managing updates and patches that change the configuration. Third, it does not necessarily imply that the platform complies with desired (security) properties. A recent proposal to overcome these problems is to transform the binary attestation into property-based attestation, which requires to only attest whether a platform or an application fulfills the desired (security) requirements without revealing the specific software or/and hardware configuration.Based on previous works, we propose a concrete efficient property-based attestation protocol within an abstract model for the main functionalities provided by TCG-compliant platforms. We prove the security of this protocol under the strong RSA assumption and the discrete logarithm assumption in the random oracle model. Our scheme allows blind verification and revocation of mappings between properties and configurations.

References

[1]
W. A. Arbaugh, D. J. Farber, and J. M. Smith. A secure and reliable bootstrap architecture. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 65--71, Oakland, CA, May 1997, IEEE Computer Society Press.
[2]
P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt, and A. Warfield. Xen and the art of virtualization. In SOSP '03: Proceedings of the 19th ACM symposium on Operating systems principles, pages 164--177, New York, NY, USA, 2003. ACM Press.
[3]
P. Barham, B. Dragovich, K. Fraser, S. Hand, A. Ho, and I. Pratt. Safe hardware access with the Xen virtual machine monitor. In 1st Workshop on Operating System and Architectural Support for On-Demand IT Infrastructure, 2004.
[4]
E. Brickell, J. Camenisch, and L. Chen. Direct anonymous attestation. In Proceedings of the 11th ACM Conference on Computer and Communications Security, Washington, DC, USA, Oct. 2004. ACM Press.
[5]
J. Camenisch and J. Groth. Group signatures: Better efficiency and new theoretical aspects. In C. Blundo and S. Cimato, editors, SCN, volume 3352 of LNCS, pages 120--133. Springer, 2004.
[6]
J. Camenisch and A. Lysyanskaya. A signature scheme with efficient protocols. In Third Conference on Security in Communication Networks - SCN '02, volume 2576 of LNCS, pages 268--289. Springer-Verlag, Berlin Germany, 2002.
[7]
J. Camenisch and V. Shoup. Practical verifiable encryption and decryption of discrete logarithms. In D. Boneh, editor, CRYPTO, volume 2729 of Lecture Notes in Computer Science, pages 126--144. Springer, 2003.
[8]
J. Camenisch and M. Stadler. Proof systems for general statements about discrete logarithms. Technical Report TR 260, Department of Computer Science, ETH Zürich, Mar. 1997.
[9]
R. Canetti. Security and composition of multiparty cryptographic protocols. Journal of Cryptology, 13(1):143--202, Winter 2000.
[10]
Common Criteria Project Sponsoring Organisations. Common Criteria for Information Technology Security Evaluation, Aug. 1999. Version 2.1, adopted by ISO/IEC as ISO/IEC International Standard (IS) 15408 1-3. Available from http://csrc.ncsl.nist.gov/cc/ccv20/ccv2list.htm.
[11]
J. Dyer, M. Lindemann, R. Perez, R. Sailer, L. van Doorn, S. W. Smith, and S. Weingart. Building the IBM 4758 Secure Coprocessor. IEEE Computer, 34(10):57--66, 2001.
[12]
P. England, B. Lampson, J. Manferdelli, M. Peinado, and B. Willman. A trusted open platform. IEEE Computer, 36(7):55--63, 2003.
[13]
A. Fiat and A. Shamir. How to prove yourself: Practical solutions to identification and signature problems. In A. M. Odlyzko, editor, Advances in Cryptology -- CRYPTO '86, volume 263 of LNCS, pages 186--194, Santa Barbara, CA, USA, 1987. International Association for Cryptologic Research, Springer-Verlag, Berlin Germany.
[14]
T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh. Terra: a virtual machine-based platform for trusted computing. In Proceedings of the 19th ACM Symposium on Operating Systems Principles (SOSP'03), pages 193--206, 2003.
[15]
T. C. Group. TCG software stack specification. http://trustedcomputinggroup.org, Aug. 2003. Version 1.1.
[16]
V. Haldar, D. Chandra, and M. Franz. Semantic remote attestation: A virtual machine directed approach to trusted computing. In USENIX Virtual Machine Research and Technology Symposium, May 2004. also Technical Report No. 03-20, School of Information and Computer Science, University of California, Irvine; October 2003.
[17]
D. Lie, C. A. Thekkath, and M. Horowitz. Implementing an untrusted operating system on trusted hardware. In Proceedings of the 19th ACM Symposium on Operating Systems Principles (SOSP'03), pages 178--192, 2003.
[18]
R. MacDonald, S. Smith, J. Marchesini, and O. Wild. Bear: An open-source virtual secure coprocessor based on TCPA. Technical Report TR2003-471, Department of Computer Science, Dartmouth College, 2003.
[19]
J. Marchesini, S. Smith, O. Wild, A. Barsamian, and J. Stabiner. Open-source applications of TCPA hardware. In 20th Annual Computer Security Applications Conference. ACM, Dec. 2004.
[20]
J. Marchesini, S. W. Smith, O. Wild, and R. MacDonald. Experimenting with TCPA/TCG hardware, or: How I learned to stop worrying and love the bear. Technical Report TR2003-476, Department of Computer Science, Dartmouth College, 2003.
[21]
Microsoft Corporation. Building a secure platform for trustworthy computing. White paper, Microsoft Corporation, Dec. 2002.
[22]
C. Mundie, P. de Vries, P. Haynes, and M. Corwine. Microsoft whitepaper on trustworthy computing. Technical report, Microsoft Corporation, Oct. 2002.
[23]
G. C. Necula and P. Lee. The design and implementation of a certifying compiler. In Proceedings of the 1998 ACM SIGPLAN Conference on Prgramming Language Design and Implementation (PLDI), pages 333--344, 1998.
[24]
T. P. Pedersen. Non-interactive and information-theoretic secure verifiable secret sharing. In J. Feigenbaum, editor, Advances in Cryptology -- CRYPTO '91, volume 576 of LNCS, pages 129--140. International Association for Cryptologic Research, Springer-Verlag, Berlin Germany, 1992. Extended abstract.
[25]
B. Pfitzmann, J. Riordan, C. Stüble, M. Waidner, and A. Weber. The PERSEUS system architecture. Technical Report RZ 3335 (#93381), IBM Research Division, Zurich Laboratory, Apr. 2001.
[26]
B. Pfitzmann and M. Waidner. A model for asynchronous reactive systems and its application to secure message transmission. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 184--200, Oakland, CA, May 2001, IEEE Computer Society Press.
[27]
J. Poritz, M. Schunter, E. Van Herreweghen, and M. Waidner. Property attestation---scalable and privacy-friendly security assessment of peer computers. Technical Report RZ 3548, IBM Research, May 2004.
[28]
A.-R. Sadeghi and C. Stüble. Taming ``trusted computing'' by operating system design. In Information Security Applications, volume 2908 of LNCS, pages 286--302. Springer-Verlag, Berlin Germany, 2003.
[29]
A.-R. Sadeghi and C. Stüble. Property-based attestation for computing platforms: Caring about properties, not mechanisms. In The 2004 New Security Paradigms Workshop, Virginia Beach, VA, USA, Sept. 2004. ACM SIGSAC, ACM Press.
[30]
D. Safford. Clarifying misinformation on TCPA. White paper, IBM Research, Oct. 2002.
[31]
D. Safford. The need for TCPA. White paper, IBM Research, Oct. 2002.
[32]
R. Sailer, T. Jaeger, E. Valdez, R. Caceres, R. Perez, S. Berger, J. L. Griffin, and L. van Doorn. Building a MAC-based security architecture for the Xen open-source hypervisor. In ACSAC '05: Proceedings of the 21st Annual Computer Security Applications Conference, pages 276--285, Washington, DC, USA, 2005. IEEE Computer Society.
[33]
R. Sailer, E. Valdez, T. Jaeger, R. Perez, L. van Doorn, J. L. Griffin, and S. Berger. sHype: Secure hypervisor approach to trusted virtualized systems. Research Report RC23511, IBM T.J. Watson Research Center, Yorktown Heights, NY, USA, Feb 2005.
[34]
R. Sailer, X. Zhang, T. Jaeger, and L. van Doorn. Design and implementation of a TCG-based integrity measurement architecture. In Proceedings of the 13th USENIX Security Symposium. USENIX, Aug. 2004.
[35]
Trusted~Computing Group. TPM main specification. Main Specification Version 1.2 rev. 85, Trusted Computing Group, Feb. 2005.
[36]
Trusted Computing Platform Alliance (TCPA). Main specification, Feb. 2002. Version 1.1b.

Cited By

View all
  • (2024)Smart industrial information integration: a lightweight privacy protection model in an intelligent manufacturing architectureJournal of Engineering Design10.1080/09544828.2024.237706935:11(1339-1366)Online publication date: 27-Aug-2024
  • (2024)Towards a Privacy-Preserving Attestation for Virtualized NetworksComputer Security – ESORICS 202310.1007/978-3-031-51482-1_18(351-370)Online publication date: 11-Jan-2024
  • (2023)Whole-Program Control-Flow Path AttestationProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security10.1145/3576915.3616687(2680-2694)Online publication date: 15-Nov-2023
  • Show More Cited By

Index Terms

  1. A protocol for property-based attestation

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Conferences
    STC '06: Proceedings of the first ACM workshop on Scalable trusted computing
    November 2006
    66 pages
    ISBN:1595935487
    DOI:10.1145/1179474
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Sponsors

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 03 November 2006

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. TCG binary attestation
    2. property-based attestation
    3. security kernels
    4. zero-knowledge proof of knowledge

    Qualifiers

    • Article

    Conference

    CCS06
    Sponsor:

    Acceptance Rates

    Overall Acceptance Rate 17 of 31 submissions, 55%

    Upcoming Conference

    CCS '25

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)34
    • Downloads (Last 6 weeks)7
    Reflects downloads up to 20 Jan 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2024)Smart industrial information integration: a lightweight privacy protection model in an intelligent manufacturing architectureJournal of Engineering Design10.1080/09544828.2024.237706935:11(1339-1366)Online publication date: 27-Aug-2024
    • (2024)Towards a Privacy-Preserving Attestation for Virtualized NetworksComputer Security – ESORICS 202310.1007/978-3-031-51482-1_18(351-370)Online publication date: 11-Jan-2024
    • (2023)Whole-Program Control-Flow Path AttestationProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security10.1145/3576915.3616687(2680-2694)Online publication date: 15-Nov-2023
    • (2022)Nanovised Control Flow AttestationApplied Sciences10.3390/app1205266912:5(2669)Online publication date: 4-Mar-2022
    • (2021)Toward Trusted and Secure Communication Among Multiple Internal Modules in CAVIEEE Internet of Things Journal10.1109/JIOT.2021.30825428:24(17734-17746)Online publication date: 15-Dec-2021
    • (2021)Security and trust preserving inter‐ and intra‐cloud VM migrationsInternational Journal of Network Management10.1002/nem.210331:2Online publication date: 9-Mar-2021
    • (2020)überSparkACM SIGOPS Operating Systems Review10.1145/3421473.342147654:1(8-22)Online publication date: 31-Aug-2020
    • (2020)StateConsisIV: A Privacy-preserving Integrity Verification Method for Cloud Components Based on a Novel State Consistency Feature2020 IEEE Fifth International Conference on Data Science in Cyberspace (DSC)10.1109/DSC50466.2020.00026(120-126)Online publication date: Jul-2020
    • (2020)Cloud-Based Blockchaining for Enhanced SecurityHandbook of Research on Blockchain Technology10.1016/B978-0-12-819816-2.00007-1(171-181)Online publication date: 2020
    • (2020)CloudVaults: Integrating Trust Extensions into System Integrity Verification for Cloud-Based EnvironmentsComputer Security10.1007/978-3-030-66504-3_12(197-220)Online publication date: 24-Dec-2020
    • Show More Cited By

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Media

    Figures

    Other

    Tables

    Share

    Share

    Share this Publication link

    Share on social media