Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Attestation Mechanism in Trusted Computing. A Simple Remote Attestation Protocol Platform TPM Verifier Application A generates PK A & SK A 2) computes.

Published byAustin McKenzie Modified over 9 years ago

Similar presentations

Presentation on theme: "The Attestation Mechanism in Trusted Computing. A Simple Remote Attestation Protocol Platform TPM Verifier Application A generates PK A & SK A 2) computes."— Presentation transcript:

1 The Attestation Mechanism in Trusted Computing

2 A Simple Remote Attestation Protocol Platform TPM Verifier Application A generates PK A & SK A 2) computes hash #A 3) Cert{PK A, #A}SK AIK 4) Cert AIK { PK A, #A}, Cert CA { PK AIK } 6) looks up #A in DB 5) verifies the signatures 7)... PK TPM & SK TPM (Endorsement key) 1) PK A DB #A“ok” PK AIK & SK AIK (Attestation Identity Key)

3 Privacy Concerns The attestation key could be used to track internet activity and compromise privacy. 1 st solution: trusted third party. 2 nd solution: Direct anonymous attestation. -E. Brickell, J. Camenisch, and L. Chen

4 DAA - Joining Platform TPM DAA Issuer 2) DAA, Cert CA {PKT PM } 3) Sig Issuer (DAA) PK TPM & SK TPM (Endorsement key) 1) generates DAA key *Sig Issuer (DAA) is (c,e,s) such that c e = a daa b s d mod n key=(a,b,d,n)

5 DAA – Attestation (1) Platform TPM PK TPM & SK TPM (Endorsement key) DAA key Verifier 4) Sig AIKi {PK A, #A} PK AIKi & SK AIKi (Attestation Identity Keys) 1) Generate AIK i 3) Compute Sig DAA {AIK i, verifier, time} Application A 2) Compute #A

6 DAA – Attestation (2) Platform TPM PK TPM & SK TPM (Endorsement key) DAA key Verifier 4) Sig AIKi {PK A, #A} PK AIKi & SK AIKi (Attestation Identity Keys) 5) ZKP that establishes that the TPM posesses: Sig Issuer {DAA} and Sig DAA {AIK i, verifier, time} Application A 1) Generate AIK i 3) Compute Sig DAA {AIK i, verifier, time} 2) Compute #A

Download ppt "The Attestation Mechanism in Trusted Computing. A Simple Remote Attestation Protocol Platform TPM Verifier Application A generates PK A & SK A 2) computes."

Similar presentations

Simple and Practical Anonymous Digital Coin Tracing

Simple and Practical Anonymous Digital Coin Tracing
A Crash Course in Modern Crypto Tools Dan Boneh Stanford University.

A Crash Course in Modern Crypto Tools Dan Boneh Stanford University.
1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.
Trusted Platform Module

Trusted Platform Module
Vpn-info.com.

Vpn-info.com.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Ragib Hasan Johns Hopkins University en.600.412 Spring 2011 Lecture 3 02/14/2010 Security and Privacy in Cloud Computing.

Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 3 02/14/2010 Security and Privacy in Cloud Computing.
 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.

 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.
Analysis of Direct Anonymous Attestation (DAA) Sudip Regmi Ilya Pirkin.

Analysis of Direct Anonymous Attestation (DAA) Sudip Regmi Ilya Pirkin.
Public Key Management and X.509 Certificates

Public Key Management and X.509 Certificates
Analysis of Remote Attestation Lavina Jain, Jayesh Vyas.

Analysis of Remote Attestation Lavina Jain, Jayesh Vyas.
Efficient Private Techniques for Verifying Social Proximity Michael J. Freedman and Antonio Nicolosi Discussion by: A. Ziad Hatahet.

Efficient Private Techniques for Verifying Social Proximity Michael J. Freedman and Antonio Nicolosi Discussion by: A. Ziad Hatahet.
IAW 2006 Cascaded Authorization with Anonymous- Signer Aggregate Signatures Danfeng Yao Department of Computer Science Brown University Joint work with.

IAW 2006 Cascaded Authorization with Anonymous- Signer Aggregate Signatures Danfeng Yao Department of Computer Science Brown University Joint work with.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Systems and Internet Infrastructure Security (SIIS) LaboratoryPage Systems and Internet Infrastructure Security Network and Security Research Center Department.

Systems and Internet Infrastructure Security (SIIS) LaboratoryPage Systems and Internet Infrastructure Security Network and Security Research Center Department.
Secret Handshakes from CA-Oblivious Encryption Asiacrypt 2004, Jeju-do, Korea Claude Castelluccia, Stanisław Jarecki, Gene Tsudik UC Irvine.

Secret Handshakes from CA-Oblivious Encryption Asiacrypt 2004, Jeju-do, Korea Claude Castelluccia, Stanisław Jarecki, Gene Tsudik UC Irvine.
Public-key based. Public-key Techniques based Protocols –may use either weak or strong passwords –high computation complexity (Slow) –high deployment.

Public-key based. Public-key Techniques based Protocols –may use either weak or strong passwords –high computation complexity (Slow) –high deployment.
Ragib Hasan Johns Hopkins University en.600.412 Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.

Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.

Similar presentations

Ads by Google