KIT | KIT-Bibliothek | Impressum | Datenschutz

Establishing Secure Communication Channels Using Remote Attestation with TPM 2.0

Wagner, Paul Georg ORCID iD icon 1; Birnstill, Pascal; Beyerer, Jürgen 1
1 Karlsruher Institut für Technologie (KIT)

Abstract (englisch):

Remote attestation allows a verifier to remotely check the integrity of a trusted computing platform. In recent years a number of attestation protocols based on Trusted Platform Modules (TPMs) have been proposed. These protocols cryptographically verify a trusted platform's state by exchanging TPM-signed quotes. Some of them also establish an encrypted channel to the trusted platform, which allows the verifier to transmit information that only the attested software stack can read. However, many existing attestation protocols are either vulnerable against man-in-the-middle attacks, or depend on outdated TPM specifications. In this work we analyze a recently developed attestation protocol that is being actively used to interconnect highly distributed trusted applications. We find this protocol to be vulnerable against a variant of the classical relay attack. In response to this threat we develop a lightweight remote attestation protocol based on the TPM 2.0 specification that is not vulnerable to this attack. Unlike previous proposals, our protocol relies solely on the TPM to establish a shared key on the attested channel, which significantly reduces its attack surface. ... mehr

DOI: 10.1007/978-3-030-59817-4_5
Zitationen: 4
Zitationen: 6
Zugehörige Institution(en) am KIT Institut für Anthropomatik und Robotik (IAR)
Kompetenzzentrum für angewandte Sicherheitstechnologie (KASTEL)
Publikationstyp Proceedingsbeitrag
Publikationsjahr 2020
Sprache Englisch
Identifikator ISBN: 978-3-030-59816-7
ISSN: 0302-9743
KITopen-ID: 1000124222
Erschienen in Security and Trust Management. Ed.: K. Markantonakis
Veranstaltung International Workshop on Security and Trust Management (STM 2020), Guildford, Vereinigtes Königreich, 17.09.2020 – 18.09.2020
Verlag Springer Nature
Seiten 73–89
Serie Lecture notes in computer science ; 12386
Nachgewiesen in Scopus
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft
KITopen Landing Page