Abstract
We present a protocol that allows servers to securely distribute secrets to trusted platforms. The protocol maintains the confidentiality of secrets in the face of eavesdroppers and careless users. Given an ideal (tamper-proof) trusted platform, the protocol can even withstand attacks by dishonest users. As an example of its use, we present an application to secure document processing.
This work was partially supported by the Zurich Information Security Center. It represents the views of the authors.
Chapter PDF
Similar content being viewed by others
Keywords
- Secret Data
- Trusted Platform Module
- Access Control Model
- Trust Computing Group
- Direct Anonymous Attestation
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Bishop, M.: Computer Security: Art and Science. Addison Wesley Professional, Reading (2003)
Trusted Computing Group: TCG architecture overview (TCG Specification)
Trusted Computing Group: TCG TPM specification version 1.2 (TCG Specification)
Anderson, R., et al.: Cryptographic processors – a survey. Technical Report 641, University of Cambridge (2005)
Smith, S.W.: Trusted Computing Platforms: Design and Applications. Springer, Heidelberg (2005)
Strasser, M.: A software-based TPM emulator for Linux. Semesterarbeit, ETH Zurich (2004)
Microsoft: Windows Vista beta 2 trusted platform module services step by step guide (Published on the WWW)
Kay, R.L.: This ain’t your father’s internet: How hardware security will become nearly ubiquitous as a rock solid solution to safeguarding connected computing (Published on the WWW)
Pearson, S. (ed.): Trusted Computing Platforms: TCPA Technology in Context. Prentice-Hall, Englewood Cliffs (2003)
Grawrock, D.: The Intel Safer Computing Initiative. Intel Press, Santa Clara (2006)
Mitchell, C. (ed.): Trusted Computing, vol. 6 of IEE Professional Applications of Computing. The Institution of Electrical Engineers (2005)
Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. In: Pfitzmann, B., Liu, P. (eds.) Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS 2004), pp. 132–145. ACM Press, New York (2004)
Camenisch, J.: Better privacy for trusted computing platforms. In: Samarati, P., et al. (eds.) ESORICS 2004. LNCS, vol. 3193, pp. 73–88. Springer, Heidelberg (2004)
Marchesini, J., et al.: Experimenting with TCPA/TCG hardware, or: How I learned to stop worrying and love the bear. Technical Report Dartmouth TR2003 -476, Dartmouth College (2003)
Marchesini, J., et al.: Open-source applications of TCPA hardware. In: Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC 2004), pp. 294–303. IEEE Computer Society, Los Alamitos (2004)
Sailer, R., et al.: Design and implementation of a TCG-based integrity measurement architecture. In: Proceedings of the 13th Usenix Security Symposium, pp. 223–238 (2004)
Sailer, R., et al.: Attestation-based policy enforcement for remote access. In: Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS 2004), pp. 308–317 (2004)
Sandhu, R., Zhang, X.: Peer-to-peer access control architecture using trusted computing technology. In: Proceedings of the 10th ACM Symposium on Access Control Models and Technologies (SACMAT 2005), pp. 147–158 (2005)
Zhang, X., Chen, S., Sandhu, R.: Enhancing data authenticity and integrity in p2p systems. IEEE Internet Computing 9(6), 42 (2005)
Sandhu, R., Ranganathan, K., Zhang, X.: Secure information sharing enabled by trusted computing and pei models. In: Proceedings of the 2006 ACM Conference on Computer and Communications Security (ASIACCS 2006), pp. 2–12. ACM Press, New York (2006)
Caleiro, C., Viganò, L., Basin, D.: Deconstructing Alice and Bob. In: Proceedings of the Workshop on Automated Reasoning for Security Protocol Analysis (ARSPA 2005). Electronic Notes in Theoretical Computer Science, vol. 135, pp. 3–22 (2005)
Lin, A.H.: Automated analysis of security APIs. Master’s thesis, Massachusetts Institute of Technology (2005)
Sevinç, P.E., Basin, D., Olderog, E.R.: Controlling access to documents: A formal access control model. In: Müller, G. (ed.) ETRICS 2006. LNCS, vol. 3995, pp. 352–367. Springer, Heidelberg (2006)
Sevinç, P.E., Basin, D.: Controlling access to documents: A formal access control model. Technical Report 517, ETH Zurich (2006)
Sevinç, P.E.: Securing Information by Controlling Access to Data in Documents. PhD thesis, ETH Zurich (2007)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 IFIP International Federation for Information Processing
About this paper
Cite this paper
Sevinç, P.E., Strasser, M., Basin, D. (2007). Securing the Distribution and Storage of Secrets with Trusted Platform Modules. In: Sauveron, D., Markantonakis, K., Bilas, A., Quisquater, JJ. (eds) Information Security Theory and Practices. Smart Cards, Mobile and Ubiquitous Computing Systems. WISTP 2007. Lecture Notes in Computer Science, vol 4462. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72354-7_5
Download citation
DOI: https://doi.org/10.1007/978-3-540-72354-7_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-72353-0
Online ISBN: 978-3-540-72354-7
eBook Packages: Computer ScienceComputer Science (R0)