A protocol for property-based attestation

Scalable Trusted Computing Pub Date : 2006-11-03 DOI:10.1145/1179474.1179479

Liqun Chen, Rainer Landfermann, Hans Löhr, M. Rohe, A. Sadeghi, Christian Stüble

{"title":"A protocol for property-based attestation","authors":"Liqun Chen, Rainer Landfermann, Hans Löhr, M. Rohe, A. Sadeghi, Christian Stüble","doi":"10.1145/1179474.1179479","DOIUrl":null,"url":null,"abstract":"The Trusted Computing Group (TCG) has issued several specifications to enhance the architecture of common computing platforms by means of new functionalities, amongst others the (binary) attestation to verify the integrity of a (remote) computing platform/application. However, as pointed out recently, the binary attestation has some shortcomings, in particular when used for applications: First, it reveals information about the configuration of a platform (hardware and software) or application. This can be misused to discriminate certain configurations (e.g., operating systems) and the corresponding vendors, or be exploited to mount attacks. Second, it requires the verifier to know all possible ``trusted'' configurations of all platforms as well as managing updates and patches that change the configuration. Third, it does not necessarily imply that the platform complies with desired (security) properties. A recent proposal to overcome these problems is to transform the binary attestation into property-based attestation, which requires to only attest whether a platform or an application fulfills the desired (security) requirements without revealing the specific software or/and hardware configuration.Based on previous works, we propose a concrete efficient property-based attestation protocol within an abstract model for the main functionalities provided by TCG-compliant platforms. We prove the security of this protocol under the strong RSA assumption and the discrete logarithm assumption in the random oracle model. Our scheme allows blind verification and revocation of mappings between properties and configurations.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"204","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Scalable Trusted Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1179474.1179479","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 204

Abstract

The Trusted Computing Group (TCG) has issued several specifications to enhance the architecture of common computing platforms by means of new functionalities, amongst others the (binary) attestation to verify the integrity of a (remote) computing platform/application. However, as pointed out recently, the binary attestation has some shortcomings, in particular when used for applications: First, it reveals information about the configuration of a platform (hardware and software) or application. This can be misused to discriminate certain configurations (e.g., operating systems) and the corresponding vendors, or be exploited to mount attacks. Second, it requires the verifier to know all possible ``trusted'' configurations of all platforms as well as managing updates and patches that change the configuration. Third, it does not necessarily imply that the platform complies with desired (security) properties. A recent proposal to overcome these problems is to transform the binary attestation into property-based attestation, which requires to only attest whether a platform or an application fulfills the desired (security) requirements without revealing the specific software or/and hardware configuration.Based on previous works, we propose a concrete efficient property-based attestation protocol within an abstract model for the main functionalities provided by TCG-compliant platforms. We prove the security of this protocol under the strong RSA assumption and the discrete logarithm assumption in the random oracle model. Our scheme allows blind verification and revocation of mappings between properties and configurations.

查看原文本刊更多论文

基于属性的认证协议

可信计算组(TCG)发布了几个规范，通过新功能来增强通用计算平台的体系结构，其中包括(二进制)认证，以验证(远程)计算平台/应用程序的完整性。然而，正如最近指出的那样，二进制证明有一些缺点，特别是在用于应用程序时:首先，它揭示了关于平台(硬件和软件)或应用程序的配置信息。这可能被滥用来区分某些配置(例如，操作系统)和相应的供应商，或者被利用来进行攻击。其次，它要求验证者知道所有平台的所有可能的“可信”配置，以及管理更改配置的更新和补丁。第三，它并不一定意味着平台符合期望的(安全)属性。克服这些问题的最新建议是将二进制证明转换为基于属性的证明，这只需要证明平台或应用程序是否满足所需的(安全)需求，而无需透露特定的软件或/和硬件配置。在前人工作的基础上，我们针对tcg兼容平台提供的主要功能，在抽象模型中提出了一个具体高效的基于属性的认证协议。在随机oracle模型的强RSA假设和离散对数假设下证明了该协议的安全性。我们的方案允许对属性和配置之间的映射进行盲验证和撤销。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Scalable Trusted Computing

自引率

0.00%

发文量