On Device Identity Establishment and Verification


Abstract

Many high-security applications rely ultimately on the security of hardware-based solutions in order to protect both data and code against tampering. For these applications, assuring the device’s identity and integrity is paramount. In our work, we explore a number of factors that help to improve on device accreditation, by devising and defining both architectural and procedural requirements related to device construction, shipping and usage. Based on that, we propose two integrity shared verification schemes which enable regular and auditing users of such applications to promptly and easily verify whether their interfacing hardware is trustworthy. We implemented our solutions in a key application, namely a hardware security module (HSM) suitable for use in supporting PKIs, and also showed how it performs equally well in Direct Recording Electronic (DRE) voting machines.