Touch'n Trust: An NFC-Enabled Trusted Platform Module

Instant and ubiquitous access to devices such as public terminals raises several security concerns in terms of confidentiality and trust. While Trusted Computing introduces advanced security mechanisms into terminal hardware, there is often no convenient way to help users decide on the trustworthiness of a device. To overcome this issue, Near Field Communication (NFC) can be used to leverage the trusted- computing protocol of remote attestation. Here, NFC helps user to intuitively establish a communication between local devices. In this article, we propose an NFC-enabled Trusted Platform Module (TPM) architecture that allows users to verify the security status of public terminals. For this, we introduce an autonomic and low-cost NFC-compatible interface to the TPM to create a direct trusted channel. Users can access the TPM with NFC-enabled devices, which have become widely available in the form of smart phones. Elliptic-curve cryptography provides efficient signing and verifying of the security-status report. Furthermore, we implemented an NFC-enabled TPM platform as a proof-of-concept demonstrator and show that a trust decision can be realized with commodity mobile phones. It shows that an NFC-enabled TPM can effectively help to overcome confidentiality issues in common public-terminal applications.

[1]  Clemens Fruhwirth,et al.  New Methods in Hard Disk Encryption , 2005 .

[2]  Michael Hutter,et al.  An approach to introducing locality in remote attestation using near field communications , 2011, The Journal of Supercomputing.

[3]  Adrian Perrig,et al.  Turtles all the way down: research challenges in user-based attestation , 2007, WRAITS '08.

[4]  Paul Barrett,et al.  Implementing the Rivest Shamir and Adleman Public Key Encryption Algorithm on a Standard Digital Signal Processor , 1986, CRYPTO.

[5]  Qi Li,et al.  Secure Mobile Payment via Trusted Computing , 2008, 2008 Third Asia-Pacific Trusted Infrastructure Technologies Conference.

[6]  Stephen M. Papa,et al.  Trusted Boot , 2011, Encyclopedia of Cryptography and Security.

[7]  David A. Wagner,et al.  Privacy for RFID through trusted computing , 2005, WPES '05.

[8]  Ole Agesen,et al.  A comparison of software and hardware techniques for x86 virtualization , 2006, ASPLOS XII.

[9]  Michael Gissing,et al.  Dynamic Enforcement of Platform Integrity , 2010, TRUST.

[10]  David Grawrock,et al.  Dynamics of a trusted platform: a building block approach , 2009 .

[11]  Ernest F. Brickell,et al.  Direct anonymous attestation , 2004, CCS '04.

[12]  Marc Joye,et al.  Memory-Constrained Implementations of Elliptic Curve Cryptography in Co-Z Coordinate Representation , 2011, AFRICACRYPT.

[13]  トップマネジメントサービス,et al.  Debian GNU/Linux 2.0日本語ワークステーション構築入門 , 1999 .

[14]  Joshua D. Guttman,et al.  Attestation: Evidence and Trust , 2008, ICICS.

[15]  Ahmad-Reza Sadeghi,et al.  Property-based attestation for computing platforms: caring about properties, not mechanisms , 2004, NSPW '04.

[16]  A. Kivity,et al.  kvm : the Linux Virtual Machine Monitor , 2007 .

[17]  J. Stein Computational problems associated with Racah algebra , 1967 .

[18]  Martin Pirker,et al.  A PrivacyCA for Anonymity and Trust , 2009, TRUST.

[19]  Michael Hutter,et al.  A Trusted Platform Module for Near Field Communication , 2010, 2010 Fifth International Conference on Systems and Networks Communications.

[20]  Christopher Strachey,et al.  Time sharing in large, fast computers , 1959, IFIP Congress.

[21]  Stefan Mangard,et al.  Power analysis attacks - revealing the secrets of smart cards , 2007 .

[22]  Alfred Menezes,et al.  The Elliptic Curve Digital Signature Algorithm (ECDSA) , 2001, International Journal of Information Security.

[23]  Michael Gissing,et al.  acTvSM: A Dynamic Virtualization Platform for Enforcement of Application Integrity , 2010, INTRUST.

[24]  Alfred Menezes,et al.  Guide to Elliptic Curve Cryptography , 2004, Springer Professional Computing.

[25]  Jean-Sébastien Coron,et al.  Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems , 1999, CHES.

[26]  Ronald Toegl Tagging the Turtle: Local Attestation for Kiosk Computing , 2009, ISA.

[27]  Fabrice Bellard,et al.  QEMU, a Fast and Portable Dynamic Translator , 2005, USENIX ATC, FREENIX Track.

[28]  Bryan Parno,et al.  Bootstrapping Trust in a "Trusted" Platform , 2008, HotSec.

[29]  Leendert van Doorn,et al.  Take control of TCPA , 2003 .

[30]  Martin Pirker,et al.  Towards a Virtual Trusted Platform , 2010, J. Univers. Comput. Sci..

[31]  Robert P. Goldberg,et al.  Formal requirements for virtualizable third generation architectures , 1973, SOSP 1973.

[32]  Stefan Berger,et al.  Trustworthy and personalized computing on public kiosks , 2008, MobiSys '08.