Group-based attestation: enhancing privacy and management in remote attestation

Authors:
Sami Alsouri;Özgür Dagdelen;Stefan Katzenbeisser
Affiliations:
Technische Universität Darmstadt, Center for Advanced Security Research Darmstadt, Darmstadt, Germany;Technische Universität Darmstadt, Center for Advanced Security Research Darmstadt, Darmstadt, Germany;Technische Universität Darmstadt, Center for Advanced Security Research Darmstadt, Darmstadt, Germany
Venue:
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
Year:
2010

Citing 14
Cited 0

Direct anonymous attestation

Proceedings of the 11th ACM conference on Computer and communications security
Property-based attestation for computing platforms: caring about properties, not mechanisms

NSPW '04 Proceedings of the 2004 workshop on New security paradigms
WS-Attestation: Efficient and Fine-Grained Remote Attestation on Web Services

ICWS '05 Proceedings of the IEEE International Conference on Web Services
Design and implementation of a TCG-based integrity measurement architecture

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Semantic remote attestation: a virtual machine directed approach to trusted computing

VM'04 Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium - Volume 3
Enhanced privacy id: a direct anonymous attestation scheme with enhanced revocation capabilities

Proceedings of the 2007 ACM workshop on Privacy in electronic society
Realizing property-based attestation and sealing with commonly available hard- and software

Proceedings of the 2007 ACM workshop on Scalable trusted computing
Practical Techniques for Operating System Attestation

Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
A New Direct Anonymous Attestation Scheme from Bilinear Maps

ICYCS '08 Proceedings of the 2008 The 9th International Conference for Young Computer Scientists
Behavioral Attestation for Business Processes

ICWS '09 Proceedings of the 2009 IEEE International Conference on Web Services
On the Feasibility of Remote Attestation for Web Services

CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03
Group signatures

EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Foundations of group signatures: formal definitions, simplified requirements, and a construction based on general assumptions

EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
On the key exposure problem in chameleon hashes

SCN'04 Proceedings of the 4th international conference on Security in Communication Networks

Quantified Score

Hi-index	0.00

Visualization

Abstract

One of the central aims of Trusted Computing is to provide the ability to attest that a remote platform is in a certain trustworthy state. While in principle this functionality can be achieved by the remote attestation process as standardized by the Trusted Computing Group, privacy and scalability problems make it difficult to realize in practice: In particular, the use of the SHA-1 hash to measure system components requires maintenance of a large set of hashes of presumably trustworthy software; furthermore, during attestation, the full configuration of the platform is revealed. In this paper we show how chameleon hashes allow to mitigate of these two problems. By using a prototypical implementation we furthermore show that the approach is feasible in practice.