TIVA: Trusted Integrity Verification Architecture

  • Mahadevan Gomathisankaran
  • Akhilesh Tyagi
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3919)

Abstract

We are moving towards the era of pervasive computing. The embedded computing devices are everywhere and they need to interact in many insecure ways. Verifying the integrity of the software running on these devices in such a scenario is an interesting and difficult problem. The problem is simplified if the verifying entity has access to the original binary image. However, the verifier itself may not be trusted with the intellectual property built into the software. Hence an acceptable and practical solution would not reveal the intellectual property (IP) of the verified software, and yet must verify its integrity. We propose one such novel solution, TIVA, in this paper.

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Mahadevan Gomathisankaran (1)
  • Akhilesh Tyagi (1)

  1. Electrical and Computer Engineering, Iowa State University, Ames, USA
