|
 ABSTRACT
We address the problemof using an untrusted server with only a trusted timestamping device (TTD) to provide trusted storage for a large number of clients, where each client may own and use several different devices that may be offline at different times and may not be able to communicate with each other except through the untrusted server (over an untrusted network). We show how a TTD can be implemented using currently available Trusted Platform Module TPM 1.2 technology without having to assume trust in the BIOS, CPU, or OS of the TPM's server. We show how the TTD can be used to implement tamper-evident storagewhere clients are guaranteed to immediately detect illegitimate modifications to their data (including replay attacks and forking attacks) whenever they wish to perform a critical operation that relies on the freshness and validity of the data. In particular, we introduce and analyze a log-based scheme in which the TTD is used to securely implement a large number of virtual monotonic counters, which can then be used to time-stamp data and provide tamper-evident storage. We present performance results of an actual implementation using PlanetLab and a PC with a TPM 1.2 chip
REFERENCES
Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.
| |
1
|
|
| |
2
|
S. Balfe, A. Lakhani, and K. Paterson. Securing peer-to-peer networks using trusted computing. In C. Mitchell, editor, Trusted Computing, chapter 10. IEE, 2005.
|
| |
3
|
D. Bayer, S. Haber, and W. Stornetta. Improving the Efficiency and Reliability of Digital Time-Stamping. In Sequences II: Methods in Communication, Security, and Computer Science, pages 329--334, 1993.
|
 |
4
|
|
| |
5
|
|
| |
6
|
D. Clarke, S. Devadas, M. van Dijk, B. Gassend, and G. E. Suh. Incremental Multiset Hash Functions and their Application to Memory Integrity Checking. In Advances in Cryptology - Asiacrypt 2003 Proceedings, volume 2894 of LNCS. Springer-Verlag, 2003.
|
| |
7
|
A. Dent and G. Price. Certificate management using distributed trusted third parties. In C. Mitchell, editor, Trusted Computing, chapter 9. IEE, 2005.
|
| |
8
|
E. Gallery. An overview of trusted computing technology. In C. Mitchell, editor, Trusted Computing, chapter 3. IEE, 2005.
|
| |
9
|
|
| |
10
|
Mahesh Kallahalla , Erik Riedel , Ram Swaminathan , Qian Wang , Kevin Fu, Plutus: Scalable Secure File Sharing on Untrusted Storage, Proceedings of the 2nd USENIX Conference on File and Storage Technologies, March 31-31, 2003, San Francisco, CA
|
| |
11
|
Jinyuan Li , Maxwell Krohn , David Mazières , Dennis Shasha, Secure untrusted data repository (SUNDR), Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation, p.9-9, December 06-08, 2004, San Francisco, CA
|
| |
12
|
David Lie Chandramohan Thekkath , Mark Mitchell , Patrick Lincoln , Dan Boneh , John Mitchell , Mark Horowitz, Architectural support for copy and tamper resistant software, Proceedings of the ninth international conference on Architectural support for programming languages and operating systems, p.168-177, November 2000, Cambridge, Massachusetts, United States
|
| |
13
|
J. Marchesini, S. W. Smith, O. Wild, and R. MacDonald. Experimenting with TCPA/TCG Hardware, Or: How I Learned to Stop Worrying and Love The Bear. Technical Report TR2003-476, Dartmouth College, Computer Science, Hanover, NH, December 2003.
|
| |
14
|
|
| |
15
|
C. Mitchell, editor. Trusted Computing. The Institution of Electrical Engineers, 2005.
|
| |
16
|
M. Peinado, P. England, and Y. Chen. An overview of NGSCB. In C. Mitchell, editor, Trusted Computing, chapter 4. IEE, 2005.
|
| |
17
|
Reiner Sailer , Xiaolan Zhang , Trent Jaeger , Leendert van Doorn, Design and implementation of a TCG-based integrity measurement architecture, Proceedings of the 13th conference on USENIX Security Symposium, p.16-16, August 09-13, 2004, San Diego, CA
|
| |
18
|
L. F. G. Sarmenta and contributors. TPM/J: Java-based API for the Trusted Platform Module (TPM). http://projects.csail.mit.edu/tc/tpmj/, Dec. 2006.
|
| |
19
|
Luis F. G. Sarmenta , Marten van Dijk , Charles W. O'Donnell , Jonathan Rhodes , Srinivas Devadas, Virtual monotonic counters and count-limited objects using a TPM without a trusted OS, Proceedings of the first ACM workshop on Scalable trusted computing, November 03-03, 2006, Alexandria, Virginia, USA
[doi> 10.1145/1179474.1179485]
|
| |
20
|
|
| |
21
|
G. Edward Suh , Dwaine Clarke , Blaise Gassend , Marten van Dijk , Srinivas Devadas, AEGIS: architecture for tamper-evident and tamper-resistant processing, Proceedings of the 17th annual international conference on Supercomputing, June 23-26, 2003, San Francisco, CA, USA
[doi> 10.1145/782814.782838]
|
| |
22
|
The Trustees of Princeton University. PlanetLab - An open platform for developing, deploying, and accessing planetary-scale services. https://www.planet-lab.org/, 2007.
|
| |
23
|
Trusted Computing Group. Mobile Phone Specifications. https://www.trustedcomputinggroup.org/specs/mobilephone/.
|
| |
24
|
Trusted Computing Group. TPM v1.2 specification changes. https://www.trustedcomputinggroup.org/groups/tpm/TPM 1 2 Changes final.pdf, 2003.
|
| |
25
|
Trusted Computing Group. TCG TPM Specification version 1.2, Revisions 62--94 (Design Principles, Structures of the TPM, and Commands). https://www.trustedcomputinggroup.org/specs/TPM/, 2003-2006.
|
| |
26
|
M. van Dijk, L. Sarmenta, C. O¿Donnell, J. Rhodes, and S. Devadas. Proof of Freshness: How to efficiently use on online single secure clock to secure shared untrusted memory. Technical report, 2006.
|
| |
27
|
M. van Dijk, L. F. G. Sarmenta, J. Rhodes, and S. Devadas. Securing Shared Untrusted Storage by using TPM 1.2 Without Requiring a Trusted OS. Technical report, MIT CSAIL CSG Technical Memo 498, May 2007.
|
| |
28
|
B. S. Yee. Using Secure Coprocessors. PhD thesis, Carnegie Mellon University, 1994.
|
|
Adobe Acrobat
QuickTime
Windows Media Player
Real Player
Pdf
C.3