Turtles all the way down: research challenges in user-based attestation

Authors:
Jonathan M. McCune;Adrian Perrig;Arvind Seshadri;Leendert van Doorn
Affiliations:
CMU/CyLab;CMU/CyLab;CMU/CyLab;AMD
Venue:
HOTSEC'07 Proceedings of the 2nd USENIX workshop on Hot topics in security
Year:
2007

Citing 6
Cited 11

Building the IBM 4758 Secure Coprocessor

Computer
A secure and reliable bootstrap architecture

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Direct anonymous attestation

Proceedings of the 11th ACM conference on Computer and communications security
Property-based attestation for computing platforms: caring about properties, not mechanisms

NSPW '04 Proceedings of the 2004 workshop on New security paradigms
TCG inside?: a note on TPM specification compliance

Proceedings of the first ACM workshop on Scalable trusted computing
Design and implementation of a TCG-based integrity measurement architecture

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13

Trustworthy and personalized computing on public kiosks

Proceedings of the 6th international conference on Mobile systems, applications, and services
A Demonstrative Ad Hoc Attestation System

ISC '08 Proceedings of the 11th international conference on Information Security
Tagging the Turtle: Local Attestation for Kiosk Computing

ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
A portable TPM based on USB key

Proceedings of the 17th ACM conference on Computer and communications security
System security, platform security and usability

Proceedings of the fifth ACM workshop on Scalable trusted computing
Kells: a protection framework for portable data

Proceedings of the 26th Annual Computer Security Applications Conference
An approach to introducing locality in remote attestation using near field communications

The Journal of Supercomputing
Trust extension as a mechanism for secure code execution on commodity computers

Trust extension as a mechanism for secure code execution on commodity computers
Lockdown: towards a safe and practical architecture for security applications on commodity platforms

TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
Securing mobile agents for crisis management support

Proceedings of the seventh ACM workshop on Scalable trusted computing
Secure embedded system hardware design - A flexible security and trust enhanced approach

Computers and Electrical Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Current trusted computing technologies allow computing devices to verify each other, but in a networked world, there is no reason to trust one computing device any more than another. Treating these devices as turtles, the user who seeks a trustworthy system from which to verify others quickly realizes that it's "turtles all the way down" because of the endless loop of trust dependencies. We need to provide the user with one initial turtle (the iTurtle) which is axiomatically trustworthy, thereby breaking the dependency loop. In this paper, we present some of the research challenges involved in designing and using such an iTurtle.