Efficient remote attestation mechanism with privacy protection

Ruan Jian Xue Bao/Journal of Software

Volumn 22, Issue 2, 2011, Pages 339-352

  Xu, Zi Yao ^a,b   He, Ye Ping ^a   Deng, Ling Li ^a,c  

^a INSTITUTE OF SOFTWARE   (China)

^b China North Industries Group Corporation   (China)

^c CHINA MOBILE RESEARCH INSTITUTE   (China)

Author keywords

Merkle hash tree; Privacy protection; Remote attestation; Trusted computing; Verification efficiency

Indexed keywords

HIGH EFFICIENCY; INTEGRITY MEASUREMENT; MERKLE HASH TREE; NEW MECHANISMS; PRIVACY PROTECTION; PSEUDO-CODE; REMOTE ATTESTATION; TARGET APPLICATION; TRUSTED COMPUTING; TRUSTED PLATFORM MODULE;

ARCHITECTURE;

SECURITY OF DATA;

EID: 79953070593     PISSN: 10009825     EISSN: None     Source Type: Journal    
DOI: 10.3724/SP.J.1001.2011.03714     Document Type: Article

References (26)

1. Trusted Computing Group. TCG specification architecture overview revision 1.4. 2007. http://www.trustedcomputinggroup.org/
2. Trusted Computing Group. TPM main specification version 1.2 revision 103 part 1 & 2 & 3. 2007. http://www.trustedcomputinggroup.org/
3. Sailer R, Zhang XL, Jaeger T, van Doorn L. Design and implementation of a TCG-based integrity measurement architecture. In: Proc. of the 13th USENIX Security Symp. Berkley: USENIX Association, 2004. 223-238.
4. Jaeger T, Sailer R, Shankar U. PRIMA: Policy-Reduced integrity measurement architecture. In: Ferraiolo D, et al., eds. Proc. of the 11th ACM Symp. on Access Control Models and Technologies. New York: ACM, 2006. 19-28.
5. Merkle RC. Protocols for public key cryptosystems. In: Proc. of the IEEE Symp. on Security and Privacy. Washington: IEEE Computer Society, 1980. 122-134.
6. Merkle RC. A certified digital signature. In: Brassard G, ed. Proc. of the 9th Annual Int'l Cryptology Conf. on Advances in Cryptology. Heidelberg: Springer-Verlag, 1989. 218-238. [doi: 10.1007/0-387-34805-0_21]
7. Sadeghi A, Stüble C. Property-Based attestation for computing platforms: caring about properties, not mechanisms. In: Raskin V, ed. Proc. of the 2004 Workshop on New Security Paradigms. New York: ACM, 2004. 67-77. [doi: 10.1145/1065907.1066038]
8. Arbaugh WA, Farber DJ, Smith JM. A secure and reliable bootstrap architecture. In: Proc. of the IEEE Symp. on Security and Privacy. Washington: IEEE Computer Society, 1997. 65-71.
9. Sailer R, Jaeger T, Zhang XL, van Doorn L. Attestation-Based policy enforcement for remote access. In: Aturi V, et al., eds. Proc. of the 11th ACM Conf. on Computer and Communications Security. New York: ACM, 2004. 308-317. [doi: 10.1145/1030083. 1030125]
10. Shankar U, Jaeger T, Sailer R. Toward automated information-flow integrity for security-critical applications. In: Proc. of the 13th Annual Network and Distributed Systems Security Symp. Internet Society, 2006.
11. Shi E, Perrig A, Van Doorn L. BIND: A fine-grained attestation service for secure distributed systems. In: Proc. of the IEEE Symp. on Security and Privacy. Washington: IEEE Computer Society, 2005. 154-168. [doi: 10.1109/SP.2005.4]
12. Seshadri A, Luk M, Shi E, Perrig A, van Doorn L, Khosla P. Pioneer: Verifying code integrity and enforcing untampered code execution on legacy systems. In: Herbert A, ed. Proc. of the ACM Symp. on Operating Systems Principles. New York: ACM, 2005. 1-16. [doi: 10.1145/1095810.1095812]
13. Seshadri A, Perrig A, van Doorn L, Khosla P. SWATT: Software-Based Attestation for embedded devices. In: Proc. of the IEEE Symp. on Security and Privacy. Washington: IEEE Computer Society, 2004. 272-282. [doi: 10.1109/SECPRI.2004.1301329]
14. Haldar V, Chandra D, Franz M. Semantic remote attestation - A virtual machine directed approach to trusted computing. In: Proc. of the 3rd Virtual Machine Research & Technology Symp. Berkley: USENIX Association, 2004. 29-41.
15. Poritz J, Schunter M, Herreweghen EV, Waidner M. Property Attestation-Scalable and Privacy-Friendly Security Assessment of Peer Computers. Technical Report, RZ3548, New York: IBM, 2004.
16. Maruyama H, Seliger F, Nagaratnam N, Ebringer T, Munetoh S, Yoshihama S. Trusted Platform on Demand. Technical Report, RT0564, Tokyo: IBM Tokyo Research Laboratory, 2004.
17. Sandhu R, Zhang XW. Peer-to-Peer access control architecture using trusted computing technology. In: Ferrari E, ed. Proc. of the 10th ACM Symp. on Access Control Models and Technologies. New York: ACM, 2005. 147-158. [doi: 10.1145/1063979. 1064005]
18. Sandhu R, Ranganathan K, Zhang XW. Secure information sharing enabled by trusted computing and PEI models. In: Lin FC, ed. Proc. of the 2006 ACM Symp. on Information, Computer and Communications Security. New York: ACM, 2006. 2-12. [doi: 10.1145/1128817. 1128820]
19. Blum M, Evans W, Gemmell P, Kannan S, Naor M. Checking the correctness of memories. In: Proc. of the 32nd Annual Symp. on Foundations of Computer Science. Washington: IEEE Computer Society, 1991. 90-99.
20. Lie D, Thekkath C, Mitchell M, Lincoln P, Boneh D, Mitchell J, Horowitz M. Architectural support for copy and tamper resistant software. ACM SIGPLAN Notices, 2000, 35(11): 168-177. [doi: 10.1145/356989.357005]
21. Gassend B, Suh GE, Clarke D, van Dijk M, Devadas S. Caches and hash trees for efficient memory integrity verification. In: Proc. of the 9th Int'l Symp. on High-Performance Computer Architecture. Washington: IEEE Computer Society, 2003. 295-306. [doi: 10.1109/HPCA.2003.1183547]
22. Suh GE, Clarke D, Gassend B, van Dijk M, Devadas S. Hardware Mechanism for Memory Integrity Checking. Technical Report, MIT-LCS-TR-872, Cambridge: Massachusetts Institute of Technology, 2002.
23. Suh GE, Clarke D, Gassend B, van Dijk M, Devadas S. AEGIS: Architecture for tamper-evident and tamper-resistant processing. In: Banerjee U, ed. Proc. of the 17th Annual Int'l Conf. on Supercomputing. New York: ACM, 2003. 160-171. [doi: 10.1145/ 782814.782838]
24. Sarmenta LFG, van Dijk M, O'Donnell CW, Rhodes J, Devadas S. Virtual monotonic counters and count-limited objects using a TPM without a trusted OS. In: Juels A, ed. Proc. of the 1st ACM Workshop on Scalable Trusted Computing. New York: ACM, 2006. 27-42. [doi: 10.1145/1179474.1179485]
25. Maheshwari U, Vingralek R, Shapiro W. How to build a trusted database system on untrusted storage. In: Proc. of the 4th Symp. on Operating System Design & Implementation. Berkley: USENIX Association, 2000. 135-150.
26. Williams D, Sirer EG. Optimal parameter selection for efficient memory integrity verification using Merkle hash trees. In: Proc. of the 3rd IEEE Int'l Symp. on Network Computing and Applications. Washington: IEEE Computer Society, 2004. 383-388. [doi: 10.1109/NCA.2004.1347805]