Presence attestation: The missing link in dynamic trust bootstrapping

Many popular modern processors include an important hardware security feature in the form of a DRTM (Dynamic Root of Trust for Measurement) that helps bootstrap trust and resists software attacks. However, despite substantial body of prior research on trust establishment, security of DRTM was treate...

Full description

Saved in:
Bibliographic Details
Main Authors: ZHANG, Zhangkai, DING, Xuhua, TSUDIK, Gene, CUI, Jinhua, LI, Zhoujun
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2017
Subjects:
Online Access:https://ink.library.smu.edu.sg/sis_research/3877
https://ink.library.smu.edu.sg/context/sis_research/article/4879/viewcontent/preatt.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-4879
record_format dspace
spelling sg-smu-ink.sis_research-48792020-03-27T03:30:17Z Presence attestation: The missing link in dynamic trust bootstrapping ZHANG, Zhangkai DING, Xuhua TSUDIK, Gene CUI, Jinhua LI, Zhoujun Many popular modern processors include an important hardware security feature in the form of a DRTM (Dynamic Root of Trust for Measurement) that helps bootstrap trust and resists software attacks. However, despite substantial body of prior research on trust establishment, security of DRTM was treated without involvement of the human user, who represents a vital missing link. The basic challenge is: how can a human user determine whether an expected DRTM is currently active on her device? In this paper, we define the notion of “presence attestation”, which is based on mandatory, though minimal, user participation. We present three concrete presence attestation schemes: sightbased, location-based and scene-based. They vary in terms of security and usability features, and are suitable for different application contexts. After analyzing their security, we assess their usability and performance based on prototype implementations. 2017-11-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/3877 info:doi/10.1145/3133956.3134094 https://ink.library.smu.edu.sg/context/sis_research/article/4879/viewcontent/preatt.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University trusted computing attestation dynamic root of trust human-inthe-loop device I/O Information Security
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic trusted computing
attestation
dynamic root of trust
human-inthe-loop
device I/O
Information Security
spellingShingle trusted computing
attestation
dynamic root of trust
human-inthe-loop
device I/O
Information Security
ZHANG, Zhangkai
DING, Xuhua
TSUDIK, Gene
CUI, Jinhua
LI, Zhoujun
Presence attestation: The missing link in dynamic trust bootstrapping
description Many popular modern processors include an important hardware security feature in the form of a DRTM (Dynamic Root of Trust for Measurement) that helps bootstrap trust and resists software attacks. However, despite substantial body of prior research on trust establishment, security of DRTM was treated without involvement of the human user, who represents a vital missing link. The basic challenge is: how can a human user determine whether an expected DRTM is currently active on her device? In this paper, we define the notion of “presence attestation”, which is based on mandatory, though minimal, user participation. We present three concrete presence attestation schemes: sightbased, location-based and scene-based. They vary in terms of security and usability features, and are suitable for different application contexts. After analyzing their security, we assess their usability and performance based on prototype implementations.
format text
author ZHANG, Zhangkai
DING, Xuhua
TSUDIK, Gene
CUI, Jinhua
LI, Zhoujun
author_facet ZHANG, Zhangkai
DING, Xuhua
TSUDIK, Gene
CUI, Jinhua
LI, Zhoujun
author_sort ZHANG, Zhangkai
title Presence attestation: The missing link in dynamic trust bootstrapping
title_short Presence attestation: The missing link in dynamic trust bootstrapping
title_full Presence attestation: The missing link in dynamic trust bootstrapping
title_fullStr Presence attestation: The missing link in dynamic trust bootstrapping
title_full_unstemmed Presence attestation: The missing link in dynamic trust bootstrapping
title_sort presence attestation: the missing link in dynamic trust bootstrapping
publisher Institutional Knowledge at Singapore Management University
publishDate 2017
url https://ink.library.smu.edu.sg/sis_research/3877
https://ink.library.smu.edu.sg/context/sis_research/article/4879/viewcontent/preatt.pdf
_version_ 1770573871220523008