Abstract
This paper presents a property attestation protocol for the TCM (trusted cryptographic module) security chip. The protocol is motivated by an analysis of the problems of current property attestation and is built on the property attestation model with an online trusted third party. In the protocol, the prover uses a zero-knowledge proof based on attribute certificates, a configuration commitment and a TCM signature to attest that its configuration and status comply with the declarative security property. The protocol is characterized by a shorter signature length and lower computational cost. Its security is proved in the random oracle model. The protocol can help extend the applications of, and improve the standard for, the TCM security chip, and it has practical value and immediate significance.
Cite this article
Feng, D., Qin, Y. A property-based attestation protocol for TCM. Sci. China Inf. Sci. 53, 454–464 (2010). https://doi.org/10.1007/s11432-010-0057-1
DOI: https://doi.org/10.1007/s11432-010-0057-1