SEDAT:Security Enhanced Device Attestation with TPM2.0

Dave, Avani; Wiseman, Monty; Safford, David

doi:10.48550/arxiv.2101.06362

Cited by 2 publications

(6 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We can for example mention the Evil Maid attack [46] which consists in capturing the device while it is left unattended (for example in a hotel room) and then making the desired alterations on the system. We can also note that protecting the system from these attacks is seldom considered [47], [48], [49], [50].…”

Section: ) General-purpose Computersmentioning

confidence: 99%

“…It is the element which is considered as de facto secure. In the case of secure boot this element can be a piece of software like a first stage bootloader [109], [110] or a hardware module like a TPM [46], [50], [111], [112], a smartcard [112], [113] or another hardware module [114], [115]. The next layer is measured by the current one then this measurement is verified.…”

Section: A Backgroundmentioning

confidence: 99%

“…TPM can be used as storage for cryptographic material and only allow its reading under certain conditions as in the approach of Hudson et al [46]. It can also be used to measure the integrity of the boot chain layers [50], [112], [124]. TPM have the advantage of being factory-integrated on recent generalpurpose computers and can be implemented on a large number of others.…”

Section: ) Special Hardware Requiredmentioning

confidence: 99%

“…The final value of a PCR is thus a chain of hashes of all the pieces of data that have been measured since the TPM was powered up, thus ensuring the integrity of the entire chain if the last hash is equal to the known good value. This method is used by Trammell Hudson [46] and Avani et al [50]. The main drawbacks of using an hardware TPM module are the usage of dedicated hardware increasing the cost of the final system, the reliance on a TPM chip manufacturer and the compatibility issues that may potentially exist with some platforms.…”

Section: ) Measurement Algorithmmentioning

confidence: 99%

“…The first idea is to use a ROM to store the first piece of code which will be executed and which will do the first measurement [50], [91], [114], [116]. The approaches of Adnan et al [109] and Haj-Yahya et al [55] store the First Stage BootLoader (FSBL, ie.…”

Section: ) First Measurement Stagementioning

confidence: 99%

See 4 more Smart Citations

Firmware Integrity Protection: A Survey

Marchand,

Imine,

Ouarnoughi

et al. 2023

IEEE Access

View full text Add to dashboard Cite

Over the last years, firmware integrity protection has significantly been addressed in various contexts such as internet of things, vehicles, wireless sensor networks and other systems. However, due to variety of studied systems, the proposed approaches often make divergent and sometimes even conflicting security assumptions. In this regard, we propose in this article a complete survey of the most relevant approaches addressing the firmware integrity protection regardless the considered system or field of application. We first organize the approaches in three main categories, depending on the protection type: 1. secure update, 2. attestation, and 3. secure boot. We then propose two new taxonomies, the first one concerns secure update mechanisms and the second one considers secure boot. Moreover, we extend the scope of an existing taxonomy for attestation mechanisms by studying new approaches and discussing limitations. Finally, we identify open research challenges and then give suggestions and guidelines on how to address them.

show abstract

Section: ) General-purpose Computersmentioning

confidence: 99%

Section: A Backgroundmentioning

confidence: 99%

Section: ) Special Hardware Requiredmentioning

confidence: 99%

Section: ) Measurement Algorithmmentioning

confidence: 99%

Section: ) First Measurement Stagementioning

confidence: 99%

See 3 more Smart Citations

Firmware Integrity Protection: A Survey

Marchand,

Imine,

Ouarnoughi

et al. 2023

IEEE Access

View full text Add to dashboard Cite

show abstract

Fortified-Grid: Fortifying Smart Grids through the Integration of the Trusted Platform Module in Internet of Things Devices

Sharma,

Joshi,

Mohanty

2023

Information

View full text Add to dashboard Cite

This paper presents a hardware-assisted security primitive that integrates the Trusted Platform Module (TPM) into IoT devices for authentication in smart grids. Data and device security plays a pivotal role in smart grids since they are vulnerable to various attacks that could risk grid failure. The proposed Fortified-Grid security primitive provides an innovative solution, leveraging the TPM for attestation coupled with standard X.509 certificates. This methodology serves a dual purpose, ensuring the authenticity of IoT devices and upholding software integrity, an indispensable foundation for any resilient smart grid security system. TPM is a hardware security module that can generate keys and store them with encryption so they cannot be compromised. Formal security verification has been performed using the random or real Oracle (ROR) model and widely accepted AVISPA simulation tool, while informal security verification uses the DY and CK adversary model. Fortified-Grid helps to validate the attested state of IoT devices with a minimal network overhead of 1984 bits.

show abstract

SEDAT:Security Enhanced Device Attestation with TPM2.0

Cited by 2 publications

References 8 publications

Firmware Integrity Protection: A Survey

Firmware Integrity Protection: A Survey

Fortified-Grid: Fortifying Smart Grids through the Integration of the Trusted Platform Module in Internet of Things Devices

Contact Info

Product

Resources

About