A Simple Protocol for Remote Attestation of System Integrity - Roberto Sassu, Huawei Technologies Duesseldorf GmbH
TPM keys can be sealed to the platform state. However, the state cannot include measurements done by Integrity Measurement Architecture (IMA), as file accesses are unpredictable. The proposed IMA Digest Lists extension overcomes this issue by preloading reference measurements from software vendors into the kernel memory and reporting only unknown file accesses. This talk proposes a simple solution for remote attestation that does not require dedicated servers. An endpoint of a TLS channel can implicitly prove to the other endpoint its integrity by performing the handshake, and by providing an X.509 extension from TCG, Subject Key Attestation Evidence (SKAE), certifying that the handshake is done with a TPM key, sealed to a good system state. The talk shows how the feasibility issue of conventional solutions has been addressed and details the tradeoffs made to accomplish the objective.
About Roberto Sassu
Roberto Sassu received a MsC in Information Security in 2008 and worked as a research assistant until 2014. He published and presented papers on Trusted Computing at STC'11 and TrustCom 2014. He also participated to several European projects (OpenTC, TClouds, SECURED and FutureTPM). After working at SUSE Linux from 2015 to 2017, he joined Huawei in 2017 and contributes to the integration of Trusted Computing technologies into products.