Protocols for a two-tiered trusted computing base

Jose Moreira-Sanchez; Mark Ryan; Flavio Garcia

doi:10.1007/978-3-031-17143-7_12

Protocols for a two-tiered trusted computing base

Jose Moreira-Sanchez^*, Mark Ryan, Flavio Garcia

^*Corresponding author for this work

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

23 Downloads (Pure)

Abstract

A trusted computing base (TCB) is the minimum set of hardware and software components which are inherently trusted by a platform, and upon which more complex secure services can be built. The TCB is secure by definition, and it is typically implemented through hardened hardware components, which ensure that their secret data cannot be compromised. In this paper, we propose and investigate a two-tier TCB architecture that benefits both from a small hardened `minimal' TCB, but also offers the possibility of integrating complex security services into an `extended' TCB. Our design includes a collection of protocols to ensure (1) secure update of the components, (2) secure boot of the platform, (3) attestation, and (4) detection of powerful attackers that can corrupt memory regions together with a (highly probable) platform recovery mechanism after such an attack. The protocols have been formally modelled, and we provide a collection of security properties that have been verified using the automatic protocol verifier ProVerif.

Original language	English
Title of host publication	Computer Security – ESORICS 2022
Subtitle of host publication	27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26–30, 2022, Proceedings, Part III
Editors	Vijayalakshmi Atluri, Roberto Di Pietro, Christian D. Jensen, Weizhi Meng
Place of Publication	Cham
Publisher	Springer
Pages	229–249
Number of pages	21
Edition	1
ISBN (Electronic)	9783031171437
ISBN (Print)	9783031171420
DOIs	https://doi.org/10.1007/978-3-031-17143-7_12
Publication status	Published - 24 Sept 2022
Event	27th European Symposium on Research in Computer Security - Copenhagen, Denmark Duration: 26 Sept 2022 → 30 Sept 2022

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	13556
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	27th European Symposium on Research in Computer Security
Abbreviated title	ESORICS 2022
Country/Territory	Denmark
City	Copenhagen
Period	26/09/22 → 30/09/22

Keywords

Trusted computing base
Secure boot
Remote attestation
Formal modelling

Access to Document

10.1007/978-3-031-17143-7_12Licence: None: All rights reserved

MoreiraSanchezJ2022Protocols
This version of the contribution has been accepted for publication, after peer review (when applicable) but is not the Version of Record and does not reflect post-acceptance improvements, or any corrections. The Version of Record is available online at: http://dx.doi.org/ 10.1007/978-3-031-17143-7_12. Use of this Accepted Version is subject to the publisher’s Accepted Manuscript terms of use https://www.springernature.com/gp/open-research/policies/accepted-manuscript-terms”
Accepted author manuscript, 864 KBLicence: Other (please specify with Rights Statement)

2 Finished
2 Active

CAP-TEE: Capability Architectures in Trusted Execution
Ryan, M., Thomas, R., Ordean, M., Garcia, F., Oswald, D., Muench, M. & Sinha Roy, S.
Engineering & Physical Science Research Council
12/08/20 → 30/11/24
Project: Research Councils
User-controlled hardware security anchors: evaluation and designs
Garcia, F., Oswald, D. & Ryan, M.
Hewlett-Packard Incorporated Uk Ltd, Engineering & Physical Science Research Council
1/02/18 → 31/07/24
Project: Research
SIPP - Secure IoT Processor Platform with Remote Attestation
Oswald, D. & Ryan, M.
Engineering & Physical Science Research Council
1/12/19 → 30/11/23
Project: Research Councils
Cyber Security for the Vehicles of Tomorrow
Garcia, F.
Engineering & Physical Science Research Council
1/06/18 → 30/11/23
Project: Research Councils

Cite this

Moreira-Sanchez, J., Ryan, M., & Garcia, F. (2022). Protocols for a two-tiered trusted computing base. In V. Atluri, R. Di Pietro, C. D. Jensen, & W. Meng (Eds.), Computer Security – ESORICS 2022: 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26–30, 2022, Proceedings, Part III (1 ed., pp. 229–249). (Lecture Notes in Computer Science; Vol. 13556). Springer. Advance online publication. https://doi.org/10.1007/978-3-031-17143-7_12

Moreira-Sanchez, Jose ; Ryan, Mark ; Garcia, Flavio. / Protocols for a two-tiered trusted computing base. Computer Security – ESORICS 2022: 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26–30, 2022, Proceedings, Part III. editor / Vijayalakshmi Atluri ; Roberto Di Pietro ; Christian D. Jensen ; Weizhi Meng. 1. ed. Cham : Springer, 2022. pp. 229–249 (Lecture Notes in Computer Science).

@inproceedings{3957143a7c0048f2b7441d15beb6cd52,

title = "Protocols for a two-tiered trusted computing base",

abstract = "A trusted computing base (TCB) is the minimum set of hardware and software components which are inherently trusted by a platform, and upon which more complex secure services can be built. The TCB is secure by definition, and it is typically implemented through hardened hardware components, which ensure that their secret data cannot be compromised. In this paper, we propose and investigate a two-tier TCB architecture that benefits both from a small hardened `minimal' TCB, but also offers the possibility of integrating complex security services into an `extended' TCB. Our design includes a collection of protocols to ensure (1) secure update of the components, (2) secure boot of the platform, (3) attestation, and (4) detection of powerful attackers that can corrupt memory regions together with a (highly probable) platform recovery mechanism after such an attack. The protocols have been formally modelled, and we provide a collection of security properties that have been verified using the automatic protocol verifier ProVerif.",

keywords = "Trusted computing base, Secure boot, Remote attestation, Formal modelling",

author = "Jose Moreira-Sanchez and Mark Ryan and Flavio Garcia",

year = "2022",

month = sep,

day = "24",

doi = "10.1007/978-3-031-17143-7_12",

language = "English",

isbn = "9783031171420",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "229–249",

editor = "Atluri, {Vijayalakshmi } and {Di Pietro}, {Roberto } and {D. Jensen}, {Christian } and Meng, {Weizhi }",

booktitle = "Computer Security – ESORICS 2022",

edition = "1",

note = "27th European Symposium on Research in Computer Security, ESORICS 2022 ; Conference date: 26-09-2022 Through 30-09-2022",

}

Moreira-Sanchez, J, Ryan, M & Garcia, F 2022, Protocols for a two-tiered trusted computing base. in V Atluri, R Di Pietro, C D. Jensen & W Meng (eds), Computer Security – ESORICS 2022: 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26–30, 2022, Proceedings, Part III. 1 edn, Lecture Notes in Computer Science, vol. 13556, Springer, Cham, pp. 229–249, 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, 26/09/22. https://doi.org/10.1007/978-3-031-17143-7_12

Protocols for a two-tiered trusted computing base. / Moreira-Sanchez, Jose; Ryan, Mark ; Garcia, Flavio.
Computer Security – ESORICS 2022: 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26–30, 2022, Proceedings, Part III. ed. / Vijayalakshmi Atluri; Roberto Di Pietro; Christian D. Jensen; Weizhi Meng. 1. ed. Cham: Springer, 2022. p. 229–249 (Lecture Notes in Computer Science; Vol. 13556).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Protocols for a two-tiered trusted computing base

AU - Moreira-Sanchez, Jose

AU - Ryan, Mark

AU - Garcia, Flavio

PY - 2022/9/24

Y1 - 2022/9/24

N2 - A trusted computing base (TCB) is the minimum set of hardware and software components which are inherently trusted by a platform, and upon which more complex secure services can be built. The TCB is secure by definition, and it is typically implemented through hardened hardware components, which ensure that their secret data cannot be compromised. In this paper, we propose and investigate a two-tier TCB architecture that benefits both from a small hardened `minimal' TCB, but also offers the possibility of integrating complex security services into an `extended' TCB. Our design includes a collection of protocols to ensure (1) secure update of the components, (2) secure boot of the platform, (3) attestation, and (4) detection of powerful attackers that can corrupt memory regions together with a (highly probable) platform recovery mechanism after such an attack. The protocols have been formally modelled, and we provide a collection of security properties that have been verified using the automatic protocol verifier ProVerif.

AB - A trusted computing base (TCB) is the minimum set of hardware and software components which are inherently trusted by a platform, and upon which more complex secure services can be built. The TCB is secure by definition, and it is typically implemented through hardened hardware components, which ensure that their secret data cannot be compromised. In this paper, we propose and investigate a two-tier TCB architecture that benefits both from a small hardened `minimal' TCB, but also offers the possibility of integrating complex security services into an `extended' TCB. Our design includes a collection of protocols to ensure (1) secure update of the components, (2) secure boot of the platform, (3) attestation, and (4) detection of powerful attackers that can corrupt memory regions together with a (highly probable) platform recovery mechanism after such an attack. The protocols have been formally modelled, and we provide a collection of security properties that have been verified using the automatic protocol verifier ProVerif.

KW - Trusted computing base

KW - Secure boot

KW - Remote attestation

KW - Formal modelling

U2 - 10.1007/978-3-031-17143-7_12

DO - 10.1007/978-3-031-17143-7_12

M3 - Conference contribution

SN - 9783031171420

T3 - Lecture Notes in Computer Science

SP - 229

EP - 249

BT - Computer Security – ESORICS 2022

A2 - Atluri, Vijayalakshmi

A2 - Di Pietro, Roberto

A2 - D. Jensen, Christian

A2 - Meng, Weizhi

PB - Springer

CY - Cham

T2 - 27th European Symposium on Research in Computer Security

Y2 - 26 September 2022 through 30 September 2022

ER -

Moreira-Sanchez J, Ryan M , Garcia F. Protocols for a two-tiered trusted computing base. In Atluri V, Di Pietro R, D. Jensen C, Meng W, editors, Computer Security – ESORICS 2022: 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26–30, 2022, Proceedings, Part III. 1 ed. Cham: Springer. 2022. p. 229–249. (Lecture Notes in Computer Science). Epub 2022 Sept 24. doi: 10.1007/978-3-031-17143-7_12

Protocols for a two-tiered trusted computing base

Abstract

Publication series

Conference

Keywords

Access to Document

Fingerprint

Projects

CAP-TEE: Capability Architectures in Trusted Execution

User-controlled hardware security anchors: evaluation and designs

SIPP - Secure IoT Processor Platform with Remote Attestation

Cyber Security for the Vehicles of Tomorrow

Cite this