Key Attestation from Trusted Execution Environments

  • Kari Kostiainen
  • Alexandra Dmitrienko
  • Jan-Erik Ekberg
  • Ahmad-Reza Sadeghi
  • N. Asokan
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6101)


Credential platforms implemented on top of Trusted Execution Environments (TrEEs) allow users to store and use their credentials, e.g., cryptographic keys or user passwords, securely. One important requirement for a TrEE-based credential platform is the ability to attest that a credential has been created and is kept within the TrEE. Credential properties, such as usage permissions, should also be attested. Existing attestation mechanisms are limited to attesting which applications outside the TrEE are authorized to use the credential. In this paper we describe a novel key attestation mechanism that allows attestation of both TrEE-internal and TrEE-external key usage permissions. We have implemented this attestation mechanism for mobile phones with M-Shield TrEE.


Keywords: Credential Program; Execution Environment; Trusted Platform Module; Usage Permission; Credential Manager
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Kari Kostiainen (1)
  • Alexandra Dmitrienko (2)
  • Jan-Erik Ekberg (1)
  • Ahmad-Reza Sadeghi (2)
  • N. Asokan (1)

  1. Nokia Research Center, Helsinki, Finland
  2. Horst Görtz Institute for IT Security, Ruhr-University, Bochum, Germany
