Design Space Exploration of DICE

Abstract

Trusted Computing aims to secure computer systems by ensuring that only trusted software is executed on the system, so that it behaves in expected ways. One of the approaches to this concept is the Device Identifier Composition Engine (DICE), which is specified by the Trusted Computing Group (TCG) as a solution for resource-limited devices. DICE is supposed to be a Root of Trust, which enables the implementation of a Chain of Trust on the device. It is designed for off-the-shelf hardware, such that it can be used on most modern micro-controllers. Therefore, it needs to be as minimal on resource usage as possible. Implementations until now were either focused on extending DICE with new concepts or implementing DICE with as little hardware as possible. Also they usually only implemented DICE on one single device. These factors limit the significance of their results for general DICE implementations as they mostly concentrate on evaluating their extended concepts and specific implementation features. This paper aims for the contrary, focusing more on general configuration and implementation details applicable to most DICE implementations than on specific aspects. We evaluated many different configurations for multiple devices and used these to give suggestions on possible configurations for different use cases. DICE is commonly used as he foundation to create a Chain of Trust, where firmware components get executed in sequential order. Usually a key generation component is used to generate purpose-bound keys after DICE, but specifics are application-dependent. We also implemented this component and to evaluate its key generation for different key configurations. Additionally, we implemented an example of Remote Attestation to show how the DICE architecture can be used.