Property-Based TPM Virtualization

  • Ahmad-Reza Sadeghi
  • Christian Stüble
  • Marcel Winandy
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5222)


Today, virtualization technologies and hypervisors celebrate their rediscovery. In particular, migration of virtual machines (VMs) between hardware platforms provides a useful and cost-effective means to manage complex IT infrastructures. A challenge in this context is the virtualization of hardware security modules such as the Trusted Platform Module (TPM), since the intended purpose of a TPM is to securely bind software to the underlying hardware. Existing solutions for TPM virtualization, however, have various shortcomings that hinder their deployment in a wide range of useful scenarios. In this paper, we address these shortcomings by presenting a flexible and privacy-preserving design of a virtual TPM that, in contrast to existing solutions, supports different approaches for measuring the platform's state and for key generation, and uses property-based attestation mechanisms to support software updates and VM migration. Our solution improves the maintainability and applicability of hypervisors that support hardware security modules such as the TPM.


Keywords (machine-generated): Trusted Third Party, Trusted Platform Module, Trust Computing, Virtual Machine Monitor, Remote Attestation





Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Ahmad-Reza Sadeghi, Ruhr-University Bochum, Bochum, Germany
  • Christian Stüble, Sirrix AG security technologies, Bochum, Germany
  • Marcel Winandy, Ruhr-University Bochum, Bochum, Germany
