Abstract
The chain of trust in bootstrap process is the basis of whole system trust in the trusted computing group (TCG) definition. This paper presents a design and implementation of a bootstrap trust chain in PC based on the Windows and today's commodity hardware, merely depends on availability of an embedded security module (ESM). ESM and security enhanced BIOS is the root of trust, PMBR (Pre-MBR) checks the integrity of boot data and Windows kernel, which is a checking agent stored in ESM. In the end, the paper analyzed the mathematic expression of the chain of trust and the runtime performance compared with the common booting process. The trust chain bootstrap greatly strengthens the security of personal computer system, and affects the runtime performance with only adding about 12% booting time.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Trusted Computing Group [EB/OL]. [2005-09-16].https://www.trustedcomputinggroup.org.
TCPA. TCPA Design Philosophies and Concepts V1. 0 [EB/OL]. [2005-12-18].http://www.trustedcomputing.org/docs/designv1.0final.pdf.
Trusted Computing Group. TCG PC Specific Implementation Specification Version 1. 1 [EB/OL]. [2006-01-20].http://www.trustedcomputing group.org/groups/pc_client/TCG_PCSpecification_v1-1. pdf.
Hermann H rtig, Oliver Kowalski and Winfried Khnhauser. The Birlix Security Architecture [J].Journal of Computer Security, 1993,2(1):5–21.
Yee B.Using Secure Coprocessors [D]. Pittsburgh: Carnegie Mellon University, 1994.
Arbaugh W A, Farber D J, Smith J M. A Secure and Reliable Bootstrap Architecture [C] //Proceedings of IEEE Computer Society Conference on Security and Privacy. New York: IEEE Press, 1997:65–71.
Sailer R, Zhang X L, Jaeger T,et al. Design and Implementation of a TCG-Based Integrity Measurement Architecture [C]//Proceedings of 13 th USENIX Security Symposium, San Diego USENIX Association, 2004:223–238.
Yu Fajiang, Zhang Huanguo. Realization of Trusted Computing Platform [J].Journal of Wuhan University (Natural Science Edition), 2004,50(1):69–73 (Ch).
Zhang Huanguo, Liu Yuzhen, Yu Fajiang,et al. A New Type of Embedded Security Modle [J].Journal of Wuhan University (Natural Science Edition), 2004,50(S1):7–11 (Ch)
Dai Wei, Crypto+ +5.2.1 Benchmarks [EB/OL]. [2005-12-13].http://www.eskimo.com/∼weidai/benchmarks.html.
Author information
Authors and Affiliations
Corresponding author
Additional information
Foundation item: Supported by the National Natural Science Foundation of China (90104005, 60373087, 60473023) and Network and Information Security Key Laboratory Program of Ministry of Education of China
Biography: YU Fajiang (1980-), male, Ph. D. candidate, research direction: information security, trusted computing.
Rights and permissions
About this article
Cite this article
Fajiang, Y., Huanguo, Z. Design and implementation of a bootstrap trust chain. Wuhan Univ. J. Nat. Sci. 11, 1449–1452 (2006). https://doi.org/10.1007/BF02831795
Received:
Issue Date:
DOI: https://doi.org/10.1007/BF02831795