Flexible μTPMs through disembedding

With the utilization of TPM-based trusted platforms in real applications, and the subsequent adaptation of the specification to the experience gained from such utilization, it increasingly appears that the TPM architecture has some fundamental flaws that result in ever more complex and expensive hardware requirements. In this paper, we propose a new architecture that resets the trust boundary to a much smaller scale, thus allowing for much simpler and more flexible TPM implementations, without sacrificing the security gains of a classical TPM.
