Secure and Privacy-Aware Multiplexing of Hardware-Protected TPM Integrity Measurements among Virtual Machines

  • Michael Velten
  • Frederic Stumpf
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7839)


Measuring the integrity of critical operating system components and securely storing these measurements in a hardware-protected Trusted Platform Module (TPM) is a well-known approach for improving system security. However, this approach currently cannot be securely extended to TPMs used in virtualized environments. In this paper, we show how to multiplex the integrity measurements of arbitrarily many Virtual Machines (VMs) onto a single standard TPM. In contrast to existing approaches such as vTPM, our approach achieves a higher level of security, since measurements are never held in software but are fully hardware-protected by the TPM at all times. We establish an integrity-protected mapping between each measurement and its respective VM, such that an attacker cannot alter this mapping during remote attestation without being detected. Furthermore, all measurements are stored in the TPM in a concealed manner, so that remote attestation of one VM does not leak information about other VMs. The experimental results of our proof-of-concept implementation show the feasibility of our approach.
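As an added illustration of the two requirements stated in the abstract (an integrity-protected mapping from each measurement to its VM, and concealment of other VMs' measurements during attestation), the following Python model was written for this page and is not the paper's construction. It assumes that each value extended into the single shared PCR is a salted commitment binding a VM identifier to its measurement, that the hypervisor keeps the plaintext log outside the TPM, and that the TPM's signing of the PCR value (the quote) is omitted.

```python
import hashlib
import os
PCR_INIT = b"\x00" * 32  # a fresh PCR in this model; SHA-256 sized

def h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()

def commit(vm_id: str, salt: bytes, measurement: bytes) -> bytes:
    # Assumed mapping: the extended value binds VM identity to the measurement;
    # the random salt hides low-entropy measurement values behind the commitment.
    return h(vm_id.encode(), b"|", salt, b"|", measurement)

def extend(pcr: bytes, digest: bytes) -> bytes:
    # TPM PCR extend semantics: PCR_new = H(PCR_old || digest)
    return h(pcr, digest)

class Hypervisor:
    def __init__(self):
        self.pcr = PCR_INIT  # the one shared PCR (modelled in software here)
        self.log = []  # (vm_id, salt, measurement), kept outside the TPM

    def measure(self, vm_id: str, measurement: bytes) -> None:
        salt = os.urandom(16)
        self.log.append((vm_id, salt, measurement))
        self.pcr = extend(self.pcr, commit(vm_id, salt, measurement))

    def attest(self, vm_id: str):
        # Returns the PCR value (a real TPM would sign it) plus a log that opens
        # only vm_id's entries; other VMs' entries are disclosed as commitments only.
        disclosed = []
        for vid, salt, m in self.log:
            if vid == vm_id:
                disclosed.append(("open", vid, salt, m))
            else:
                disclosed.append(("sealed", commit(vid, salt, m)))
        return self.pcr, disclosed

def verify(vm_id: str, quote: bytes, disclosed, expected: set) -> bool:
    # Verifier: replay the chain; accept only if every opened entry belongs to
    # vm_id and is known-good, and the replayed PCR equals the quoted value.
    pcr = PCR_INIT
    for entry in disclosed:
        if entry[0] == "open":
            _, vid, salt, m = entry
            if vid != vm_id or m not in expected:
                return False
            pcr = extend(pcr, commit(vid, salt, m))
        else:
            pcr = extend(pcr, entry[1])
    return pcr == quote
```

Relabelling a sealed entry to another VM changes the commitment the verifier recomputes, so the replayed PCR no longer matches the quote and the tampering is detected.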


Keywords: Integrity Measurement, Attestation, Trusted Platform Module, Trusted Computing, Virtualization





Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Michael Velten (1)
  • Frederic Stumpf (1)

  1. Fraunhofer Research Institution AISEC, Munich, Germany
