Remote Attestation On Legacy Operating Systems With Trusted Platform Modules

摘要

A lot of progress has been made to secure network communication,e.g.,through the use of cryptographic algorithms.However,this offers only a partial solution as long as the communicating end points still suffer from security problems.A number of applications require remote verification of software executing on an untrusted platform.Trusted computing solutions propose to solve this problem through software and hardware changes,typically a secure operating system and the addition of a secure coprocessor,respectively.On the other hand,timed execution of code checksum calculations aims for a solution on legacy platforms,but can not provide strong security assurance.We present a mixed solution by using the trusted computing hardware,namely the time stamping functionality of the Trusted Platform Module (TPM),in combination with a timing-based remote code integrity verification mechanism.In this way,the overall security of the timed execution scheme can be improved without requiring a secure operating system.