Design and Analysis of a Modified Remote Attestation Protocol

Secure interaction among system components is essential to ensuring the trustworthiness of applications. In a distributed system, the attester should know whether the communicating client, as well as the user of that client system, is trustworthy. This can be achieved by a technique called remote attestation. This study presents a three-phase remote attestation protocol that, with the support of the SELinux module, mitigates the low extensibility and low openness of the binary remote attestation method. It also compares the performance of existing, related binary remote attestation methods with the proposed approach; the comparison shows that the proposed remote attestation method is efficient. Formal analysis carried out with the ProVerif tool proves that the proposed remote attestation protocol satisfies several security properties, such as secrecy, authenticity, indistinguishability and unlinkability.
