International Association for Cryptologic Research


IACR News item: 07 January 2013

PhD Database
Name: Dries Schellekens
Topic: Design and Analysis of Trusted Computing Platforms
Category: applications

Description: This thesis deals with the analysis and design of trusted computing platforms. Trusted computing technology is a relatively new enabling technology to improve the trustworthiness of computing platforms. With minor changes to the boot process and the addition of a new hardware security component, called TPM (Trusted Platform Module), trusted computing platforms offer the possibility to verifiably report their integrity to external parties (i.e., remote attestation) and to bind information to a specific platform (i.e., sealed storage).

The first part of this thesis mainly focuses on the analysis of existing trusted computing platforms. We analyze the functionality provided by the specifications of the TCG (Trusted Computing Group) and purely software-based alternatives. Based on this analysis we present an improvement to a software-based attestation scheme: we propose to measure the execution time of a memory checksum function locally (with the time stamping functionality of the TPM) instead of remotely (over the network).

We also study the resilience of trusted computing platforms against hardware attacks. We describe how attacks on the communication interface of the TPM can circumvent the measured boot process. The feasibility of these attacks is investigated in practice. Additionally, we explore which operations should be targeted with a side-channel attack to extract the secret keys of a TPM.

The second part of this thesis addresses some of the challenges of implementing trusted computing technology on embedded and reconfigurable devices. One of the main problems when integrating a TPM into a system-on-chip design is the lack of on-chip reprogrammable non-volatile memory. We develop schemes to securely externalize the non-volatile storage of a TPM. One scheme relies on a new security primitive, called a reconfigurable physical unclonable function, and another extends the security perimeter of the TPM to the external memory with a cryptographic protoco[...]
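As an added example (not code from the thesis or from the IACR page), the following Python model shows the three mechanisms the description names: a measured boot that extends a PCR over each boot component, a quote that binds the PCR value to a verifier's nonce, and sealing that releases data only under the PCR value it was bound to. The TPM's AIK signature and its internal storage secret are replaced by HMAC keys (AIK_KEY, TPM_SECRET), the sealing cipher is a hash-based keystream, and the boot images are constructed byte strings; all of these are assumptions of the example, not anything taken from the thesis.

```python
"""Toy model of TPM 1.2-style measured boot, remote attestation and sealed storage.

Added example, not code from the thesis. The AIK signature on a quote is replaced by
an HMAC under AIK_KEY (assumed shared with the verifier) and the TPM-internal sealing
secret by the constant TPM_SECRET; both are simplifications for an offline demo.
"""
import hashlib
import hmac
import os

PCR_SIZE = 20  # TPM 1.2 PCRs hold SHA-1 digests (160 bits)


def pcr_extend(pcr: bytes, component: bytes) -> bytes:
    """TPM_Extend: PCR_new = SHA-1(PCR_old || SHA-1(component))."""
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()


def measured_boot(components) -> bytes:
    """Run the extend chain over the boot components in order, starting from an all-zero PCR."""
    pcr = bytes(PCR_SIZE)
    for component in components:
        pcr = pcr_extend(pcr, component)
    return pcr


# --- remote attestation -----------------------------------------------------

AIK_KEY = b"toy-attestation-identity-key"  # hypothetical stand-in for the AIK


def tpm_quote(pcr: bytes, nonce: bytes) -> bytes:
    """TPM_Quote: bind the current PCR value to the verifier's nonce (HMAC stands in for the signature)."""
    return hmac.new(AIK_KEY, pcr + nonce, hashlib.sha1).digest()


def verify_quote(expected_pcr: bytes, nonce: bytes, quote: bytes) -> bool:
    """Verifier side: recompute the quote over the golden PCR value and the nonce it sent."""
    expected = hmac.new(AIK_KEY, expected_pcr + nonce, hashlib.sha1).digest()
    return hmac.compare_digest(expected, quote)


# --- sealed storage ---------------------------------------------------------

TPM_SECRET = b"toy-tpm-storage-root-secret"  # hypothetical stand-in for a secret that never leaves the TPM


def _seal_key(pcr: bytes) -> bytes:
    """Key that exists only for one PCR value: a different boot chain derives a different key."""
    return hmac.new(TPM_SECRET, b"seal" + pcr, hashlib.sha256).digest()


def _keystream(key: bytes, n: int) -> bytes:
    """Counter-mode keystream from SHA-256 (toy cipher; a real TPM uses its storage key)."""
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]


def seal(data: bytes, pcr: bytes) -> bytes:
    """Encrypt data under the PCR-bound key and append a MAC so a wrong PCR is rejected, not decrypted to garbage."""
    key = _seal_key(pcr)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))
    return ct + hmac.new(key, ct, hashlib.sha256).digest()


def unseal(blob: bytes, pcr: bytes):
    """Release the data only if the current PCR equals the one it was sealed to; otherwise None."""
    ct, tag = blob[:-32], blob[-32:]
    key = _seal_key(pcr)
    if not hmac.compare_digest(hmac.new(key, ct, hashlib.sha256).digest(), tag):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, len(ct))))


# Constructed sample boot chains: the second one ships a modified kernel image.
GOLDEN_BOOT = [b"firmware-v1", b"bootloader-v1", b"kernel-v1"]
TAMPERED_BOOT = [b"firmware-v1", b"bootloader-v1", b"kernel-v1-backdoored"]


def demo() -> dict:
    """For each chain: does its quote verify against the golden PCR, and does unseal release the secret?"""
    golden_pcr = measured_boot(GOLDEN_BOOT)
    blob = seal(b"disk-encryption-key", golden_pcr)
    nonce = os.urandom(20)  # fresh per attestation, so a recorded quote cannot be replayed
    results = {}
    for name, chain in (("golden", GOLDEN_BOOT), ("tampered", TAMPERED_BOOT)):
        pcr = measured_boot(chain)
        results[name] = (verify_quote(golden_pcr, nonce, tpm_quote(pcr, nonce)),
                         unseal(blob, pcr) is not None)
    return results


if __name__ == "__main__":
    print(demo())  # golden chain attests and unseals; tampered chain does neither
```

The model also makes the trust boundary the thesis probes visible: the TPM only extends what it receives on its interface, so a quote states which measurements were sent to the TPM, not which code actually ran. That is the gap behind the interface attacks on the measured boot process that the description says the thesis investigates in practice.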

Additional news items may be found on the IACR news page.