Building a high-performance, programmable secure coprocessor
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Accountable certificate management using undeniable attestations
Proceedings of the 7th ACM conference on Computer and communications security
Architectural support for copy and tamper resistant software
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
Building secure file systems out of byzantine storage
Proceedings of the twenty-first annual symposium on Principles of distributed computing
Eliminating counterevidence with applications to accountable certificate management
Journal of Computer Security
How to Time-Stamp a Digital Document
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
AEGIS: architecture for tamper-evident and tamper-resistant processing
ICS '03 Proceedings of the 17th annual international conference on Supercomputing
The IBM PCIXCC: a new cryptographic coprocessor for the IBM eServer
IBM Journal of Research and Development
Plutus: Scalable Secure File Sharing on Untrusted Storage
FAST '03 Proceedings of the 2nd USENIX Conference on File and Storage Technologies
Virtual monotonic counters and count-limited objects using a TPM without a trusted OS
Proceedings of the first ACM workshop on Scalable trusted computing
Secure untrusted data repository (SUNDR)
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Athos: Efficient Authentication of Outsourced File Systems
ISC '08 Proceedings of the 11th international conference on Information Security
On device identity establishment and verification
EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
Logical attestation: an authorization architecture for trustworthy computing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Credential disabling from trusted execution environments
NordSec'10 Proceedings of the 15th Nordic conference on Information Security Technology for Applications
Multi-user dynamic proofs of data possession using trusted hardware
Proceedings of the third ACM conference on Data and application security and privacy
Authenticated storage using small trusted hardware
Proceedings of the 2013 ACM workshop on Cloud computing security workshop
Client-controlled cryptography-as-a-service in the cloud
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Hi-index | 0.00 |
We address the problemof using an untrusted server with only a trusted timestamping device (TTD) to provide trusted storage for a large number of clients, where each client may own and use several different devices that may be offline at different times and may not be able to communicate with each other except through the untrusted server (over an untrusted network). We show how a TTD can be implemented using currently available Trusted Platform Module TPM 1.2 technology without having to assume trust in the BIOS, CPU, or OS of the TPM's server. We show how the TTD can be used to implement tamper-evident storagewhere clients are guaranteed to immediately detect illegitimate modifications to their data (including replay attacks and forking attacks) whenever they wish to perform a critical operation that relies on the freshness and validity of the data. In particular, we introduce and analyze a log-based scheme in which the TTD is used to securely implement a large number of virtual monotonic counters, which can then be used to time-stamp data and provide tamper-evident storage. We present performance results of an actual implementation using PlanetLab and a PC with a TPM 1.2 chip