An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Flicker: an execution infrastructure for tcb minimization
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
A practical guide to trusted computing
A practical guide to trusted computing
TrInc: small trusted hardware for large distributed systems
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
TruWallet: trustworthy and migratable wallet-based web authentication
Proceedings of the 2009 ACM workshop on Scalable trusted computing
TrustVisor: Efficient TCB Reduction and Attestation
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Implementing an application-specific credential platform using late-launched mobile trusted module
Proceedings of the fifth ACM workshop on Scalable trusted computing
Nexus authorization logic (NAL): Design rationale and applications
ACM Transactions on Information and System Security (TISSEC)
Memoir: Practical State Continuity for Protected Modules
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Logical attestation: an authorization architecture for trustworthy computing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Delusional boot: securing hypervisors without massive re-engineering
Proceedings of the 7th ACM european conference on Computer Systems
Trusted language runtime (TLR): enabling trusted applications on smartphones
Proceedings of the 12th Workshop on Mobile Computing Systems and Applications
A close examination of performance and power characteristics of 4G LTE networks
Proceedings of the 10th international conference on Mobile systems, applications, and services
Software abstractions for trusted sensors
Proceedings of the 10th international conference on Mobile systems, applications, and services
Policy-sealed data: a new abstraction for building trusted cloud services
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Cross-VM side channels and their use to extract private keys
Proceedings of the 2012 ACM conference on Computer and communications security
Pasture: secure offline data access using commodity trusted hardware
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Innovative instructions and software model for isolated execution
Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy
Using innovative instructions to create trustworthy software solutions
Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy
| Hi-index | 0.00 |
Current Trusted Platform Modules (TPMs) are illsuited for cross-device scenarios in trusted mobile applications because they hinder the seamless sharing of data across multiple devices. This paper presents cTPM, an extension of the TPM's design that adds an additional root key to the TPM and shares that root key with the cloud. As a result, the cloud can create and share TPM-protected keys and data across multiple devices owned by one user. Further, the additional key lets the cTPM allocate cloud-backed remote storage so that each TPM can benefit from a trusted real-time clock and high-performance, non-volatile storage. This paper shows that cTPM is practical, versatile, and easily applicable to trusted mobile applications. Our simple change to the TPM specification is viable because its fundamental concepts - a primary root key and off-chip, NV storage - are already found in the current specification, TPM 2.0. By avoiding a clean-slate redesign, we sidestep the difficult challenge of re-verifying the security properties of a new TPM design. We demonstrate cTPM's versatility with two case studies: extending Pasture with additional functionality, and reimplementing TrInc without the need for extra hardware.