A property-based attestation protocol for TCM

Science China Information Sciences

Abstract

This paper analyzes the problems of current property attestation and presents a property attestation protocol for the security chip TCM (trusted cryptographic module), built on the property attestation model with an online trusted third party. In the protocol, the prover uses a zero-knowledge proof based on attribute certificates, a configuration commitment and a TCM signature to attest that its configuration and status comply with the declarative security property. The protocol is characterized by shorter signature length and lower computation. Its security is proved in the random oracle model. The protocol can help extend the applications of the security chip TCM and improve its standard, and it also has practical value and immediate significance.

Author information

Correspondence to DengGuo Feng.

About this article

Cite this article

Feng, D., Qin, Y. A property-based attestation protocol for TCM. Sci. China Inf. Sci. 53, 454–464 (2010). https://doi.org/10.1007/s11432-010-0057-1

  • DOI: https://doi.org/10.1007/s11432-010-0057-1
