Authentication and delegation with smart-cards
TACS'91 Selected papers of the conference on Theoretical aspects of computer software
Authenticating public terminals
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks
Proceedings of the 7th International Workshop on Security Protocols
Trustworthy Pervasive Computing: The Hard Security Problems
PERCOMW '04 Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops
Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
BIND: A Fine-Grained Attestation Service for Secure Distributed Systems
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Property-based attestation for computing platforms: caring about properties, not mechanisms
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
Trusted Computing Platforms: TCPA Technology in Context
Trusted Computing Platforms: TCPA Technology in Context
Linking remote attestation to secure tunnel endpoints
Proceedings of the first ACM workshop on Scalable trusted computing
Design of the EROS trusted window system
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Proceedings of the 2007 ACM workshop on Scalable trusted computing
Towards Trustworthy Kiosk Computing
HOTMOBILE '07 Proceedings of the Eighth IEEE Workshop on Mobile Computing Systems and Applications
Transaction generators: root kits for web
HOTSEC'07 Proceedings of the 2nd USENIX workshop on Hot topics in security
Turtles all the way down: research challenges in user-based attestation
HOTSEC'07 Proceedings of the 2nd USENIX workshop on Hot topics in security
Keep your enemies close: distance bounding against smartcard relay attacks
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
A practical guide to trusted computing
A practical guide to trusted computing
Towards multilaterally secure computing platforms-with open source and trusted computing
Information Security Tech. Report
Engineering attestable services
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
An approach to introducing locality in remote attestation using near field communications
The Journal of Supercomputing
Achieving attestation with less effort: an indirect and configurable approach to integrity reporting
Proceedings of the sixth ACM workshop on Scalable trusted computing
| Hi-index | 0.00 |
Given the growing number and increasingly criminally motivated attacks on computing platforms, the ability to assert the integrity of platform becomes indispensable. The trusted computing community has come up with various remote attestation protocols that allow to assert the integrity of a remote platform over a network.A related problem is that of ad hoc attestation, where a user walks up to a computing platform and wants to find out whether thatplatform in front of her is in a trustworthy state or not. ad hoc attestation is considered to be an open problem, and some very recent publications have outlined a number of open challenges in this field. Major challenges are (i) the security against platform in the middle attacks (ii) viable choice of the device used to perform attestation, and (iii) the manageability of integrity measurements on that device.In this paper we describe a concrete implementation of an ad hoc attestation system that resolves these challenges. Most importantly, our system offers a novel and very intuitive user experience. In fact, from a user perspective, ad hoc attestation using our solution roughly consists of initiating the process on the target platform and then holding a security token to the screen of the target platform. The outcome of the ad hoc attestation (i.e., whether the platform is trustworthy or not) is then shown on the token's display. This usage paradigm, which we refer to as demonstrative ad hoc attestation, is based on a novel security token technology, which we have used. We believe that our system has the potential to be evolved into a system for real world usage.