Trusted computing challenges
Trusted computing, which most people take to be synonymous with TCG-related technologies, has been commercially available since 1999 (back then it was called TCPA). Still, even after 8 years, its adoption has been slow and the TCG features are underutilized. The question is why? Initially the TCG technology had to overcome a lot of misconceptions and privacy concerns, but leaving these aside, the TCG technology also has many technical challenges that have yet to be resolved. For example, attestation is a very powerful concept but is fraught with problems.
A key problem with attestation is scalability. A straightforward attestation implementation such as IMA for Linux does not scale. IMA captures all the measurements for all the applications on a running system and then burdens the recipient with verifying the attestation statements. With many different versions of operating systems, kernel modules, libraries and applications, this mechanism quickly becomes impractical. Even property-based attestation, which makes the consumption of attestation statements a lot more palatable for the receiver, still has the scaling problem of mapping all these changing components to a single property.
This is just one of the many open problems trusted computing still faces. In this keynote I will discuss what I consider to be the main open challenges and I will present my vision of how commercially viable trusted systems need to evolve.
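The verifier-side burden described for IMA above can be made concrete with a short sketch; this is an added example, not code from the keynote or from the IMA project. It assumes the `ima-ng` template with a SHA-1 PCR 10, and the log lines, reference database and quoted PCR value are all constructed here (a real quoted value would come from a signed TPM quote).

```python
import hashlib
import struct

def template_hash(algo, digest, path):
    # ima-ng template data: d-ng = "<algo>:\0" + digest, n-ng = path + "\0",
    # each field prefixed with its 32-bit little-endian length, hashed with SHA-1.
    fields = (algo.encode() + b":\0" + digest, path.encode() + b"\0")
    data = b"".join(struct.pack("<I", len(f)) + f for f in fields)
    return hashlib.sha1(data).digest()

def replay(log_lines):
    # PCR extend: new = SHA1(old || template_hash), starting from 20 zero bytes.
    pcr = bytes(20)
    for line in log_lines:
        pcr = hashlib.sha1(pcr + bytes.fromhex(line.split()[1])).digest()
    return pcr

def verify(log_lines, quoted_pcr10, reference):
    """Return (aggregate_ok, inconsistent_paths, unknown_paths)."""
    inconsistent, unknown = [], []
    for line in log_lines:
        _pcr, thash, template, filedata, path = line.split(maxsplit=4)
        algo, hexdigest = filedata.split(":", 1)
        expected = template_hash(algo, bytes.fromhex(hexdigest), path)
        if template != "ima-ng" or bytes.fromhex(thash) != expected:
            inconsistent.append(path)
        # The scaling burden: every acceptable build of every file must be listed.
        if hexdigest not in reference.get(path, set()):
            unknown.append(path)
    return replay(log_lines) == quoted_pcr10, inconsistent, unknown

def make_line(path, content):
    # Constructed sample entry; real lines come from ascii_runtime_measurements.
    d = hashlib.sha256(content).digest()
    return f"10 {template_hash('sha256', d, path).hex()} ima-ng sha256:{d.hex()} {path}"

# Constructed data: the attester runs a newer libc than the verifier has listed.
SAMPLE_LOG = [make_line("/usr/bin/bash", b"bash build A"),
              make_line("/usr/lib/libc.so.6", b"libc build B")]
REFERENCE = {"/usr/bin/bash": {hashlib.sha256(b"bash build A").hexdigest()},
             "/usr/lib/libc.so.6": {hashlib.sha256(b"libc build A").hexdigest()}}
QUOTED_PCR10 = replay(SAMPLE_LOG)  # stands in for the value from a signed TPM quote

if __name__ == "__main__":
    print(verify(SAMPLE_LOG, QUOTED_PCR10, REFERENCE))
```

The log replays cleanly to the quoted PCR value, yet the verifier still cannot accept the platform because one benign library update is missing from its reference set.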