Unbalanced tree‐formed verification data for trusted platforms

Fu, Donglai; Peng, Xinguang; Yang, Yan

doi:10.1002/sec.1385

Cited by 5 publications

(6 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this section, we present the evaluation on the integrity attestation of our scheme. We compare the efficiency of LPBHT with Xu et al's [26] Merkle hash tree (MHT), Zhang et al's Enhanced-MHT (E-MHT) [27], and Fu et al's stored measurement log (UBTS-SML) [29], both of which are configuration-based RA scheme and work for better efficiency. The MHT is an integrity measurement hash-tree scheme based on a balanced binary tree (BBT), which is a static measurement scheme with a very high attestation efficiency.…”

Section: Experiments and Results Analysismentioning

confidence: 99%

“…7c shows that as the number of updated nodes increases from 40 to 600 at the same time, the average updated path depth rises from 5 to 8, which is far more shortened than the depth value 14 in BBT. At last, we assume n at a [26] high static none high E-MHT [27] high dynamic low high UBTS-SML [29] high dynamic low high this paper high dynamic high high typical value, which is 8. With the strength of local principle iol increases, the efficiency of the RA is becoming better and better, which is shown in Fig.…”

Section: Experiments and Results Analysismentioning

confidence: 99%

“…Although the construction of the hash tree is optimised and the construction time of the hash tree is reduced, the model fails to improve the verification efficiency of RA. Taking into account of the access frequency of applications, Fu et al [29] proposed an UnBalanced Tree Scheme (UBTS)-stored measurement log (SML) construction method for unbalanced hash tree (UHT), which improved the verification efficiency of RA. However, this method needs to update the structure of the tree for each application request.…”

Section: Platform Integrity Attestationmentioning

confidence: 99%

See 2 more Smart Citations

Mutual authentication‐based RA scheme for embedded systems

Wang

Zhuang

Xia

2020

IET Information Security

View full text Add to dashboard Cite

Section: Experiments and Results Analysismentioning

confidence: 99%

Section: Experiments and Results Analysismentioning

confidence: 99%

Section: Platform Integrity Attestationmentioning

confidence: 99%

See 1 more Smart Citation

Mutual authentication‐based RA scheme for embedded systems

Wang

Zhuang

Xia

2020

IET Information Security

View full text Add to dashboard Cite

“…is promising technique can provide two important services, namely, secure storage and platform attestation. In recent years, we have conducted several studies [23][24][25][26] on platform attestation and its application. As another technical branch addressing the issue, a trusted environment is isolated in the CPU [27,28].…”

Section: Related Workmentioning

confidence: 99%

Remote Attestation on Behavioral Traces for Crowd Quality Control Based on Trusted Platform Module

Liu

2021

Security and Communication Networks

Self Cite

View full text Add to dashboard Cite

Behavioral traces of workers have emerged as a new evidence to check the quality of their produced outputs in crowd computing. Whether the evidence is trustworthy or not is a key problem during the process. Challenges will be encountered in addressing this issue, because the evidence comes from unknown or adversarial workers. In this study, we proposed an alternative approach to ensure trustworthy evidence through a hardware-based remote attestation to bridge the gap. The integrity of the evidence was used as the trustworthy criterion. Trusted Platform Module (TPM) was considered the trusted anchor inspired by trusted computing to avoid unreliable or malicious workers. The module carefully recorded and stored many workers’ behavioral traces in the storage measurement log (SML). Each item in the log was extended to a platform configuration register (PCR) by the occurrence sequence of each event. The PCR was a tamper-proof storage inside the TPM. The value of the PCR was also considered evidence together with the SML. The evidence was sent to the crowdsourcing platform with the TPM signature. The platform checked the integrity of the evidence by a series of operations, such as validating the signature and recomputing the SML hash. This process was designed as a remote attestation protocol. The effectiveness, efficiency, and security of the protocol were verified theoretically and through experiments based on the open dataset, WebCrowd25K, and custom dataset. Results show that the proposed method is an alternative solution for ensuring the integrity of behavioral traces.

show abstract

“…e Merkle hash tree is a fundamental technology in remote verification, which is flexible and protects privacy. Many research studies have proposed to assign different weights to the hash tree leaf nodes to achieve a better model [13,14]. However, the prior has not offered a feasible algorithm to compute and update the weight of each leaf node.…”

Section: Challengesmentioning

confidence: 99%

TZ-MRAS: A Remote Attestation Scheme for the Mobile Terminal Based on ARM TrustZone

Wang

Zhuang

Yan

2020

Security and Communication Networks

View full text Add to dashboard Cite

With the widespread use of mobile embedded devices in the Internet of Things, mobile office, and edge computing, security issues are becoming more and more serious. Remote attestation, one of the mobile security solutions, is a process of verifying the identity and integrity status of the remote computing device, through which the challenger determines whether the platform is trusted by discovering an unknown fingerprint. The remote attestation on the mobile terminal faces many security challenges presently because there is a lack of trusted roots, devices are heterogeneous, and hardware resources are strictly limited. To ARM’s mobile platform, we propose a mobile remote attestation scheme based on ARM TrustZone (TZ-MRAS), which uses the highest security authority of TrustZone to implement trusted attestation service. Compared with the existing mobile remote attestation scheme, it has the advantages of wide application, easy deployment, and low cost. To defend against the time-of-check-to-time-of-use (TOC-TOU) attack, we propose a probe-based dynamic integrity measurement model, ProbeIMA, which can dynamically detect unknown fingerprints that generate during kernel and process execution. Finally, according to the characteristics of the improved dynamic measurement model, that is, the ProbeIMA will expand the scale of the measurement dataset, an optimized stored measurement log construction algorithm based on the locality principle (LPSML) is proposed, which has the advantages of shortening the length of the authentication path and improving the verification efficiency of the platform configuration. As a proof of concept, we implemented a prototype for each service and made experimental evaluations. The experimental results show the proposed scheme has higher security and efficiency than some existing schemes.

show abstract

Unbalanced tree‐formed verification data for trusted platforms

Cited by 5 publications

References 19 publications

Mutual authentication‐based RA scheme for embedded systems

Mutual authentication‐based RA scheme for embedded systems

Remote Attestation on Behavioral Traces for Crowd Quality Control Based on Trusted Platform Module

TZ-MRAS: A Remote Attestation Scheme for the Mobile Terminal Based on ARM TrustZone

Contact Info

Product

Resources

About