ABSTRACT
Binary attestation, as proposed by the Trusted Computing Group (TCG), is a pragmatic approach for software integrity protection and verification. However, it also has various shortcomings that cause problems for practical deployment, such as scalability, manageability and privacy: on the one hand, data bound to binary values remains inaccessible after a software update, and the verifier of an attestation result has to manage a huge number of binary versions. On the other hand, the binary values reveal information on platform configuration that may be exploited maliciously.
In this paper we focus on property-based bootstrap architectures with an enhanced boot loader. Our proposal improves on previous work in a way that allows a practical and efficient integration into existing IT infrastructures. We propose a solution to the version rollback problem that, in contrast to existing approaches, is secure even if the TPM owner of the attested platform is untrusted, without requiring interaction with a trusted third party.
Finally, we show how our architecture can be applied to secure boot mechanisms of Mobile Trusted Modules (MTM) to realize a "Property-Based Secure Boot". This is especially important for human users, since with secure boot, users can rely on the fact that a loaded system is also in a trustworthy state.