Search CORE

83 research outputs found

Tree-formed Verification Data for Trusted Platforms

Author: Andreas Brett
Andreas Leicher
Andreas U. Schmidt
Arbaugh
Buldas
Buldas
Cabuk
Cha
Chan
Chen
Clarke
Deng
Elbaz
England
Ferrante
Garfinkel
Gassend
Gondrom
Hu
Inhyok Cha
Kuck
Kunz
Lampson
Lie
Lie
Lo Presti
Maheshwari
Maniatis
Merkle
Merkle
Pirker
Poritz
Portegys
Sadeghi
Sailer
Sarmenta
Sayers
Schmidt
Schmidt
Schmidt
Schneier
Schneier
Shieh
Stanley
Strasser
Tasker
Trusted Computing Group
Trusted Computing Group
Trusted Computing Group
Trusted Computing Group
Trusted Computing Group
Trusted Computing Group
Williams
Williams
Yogendra Shah
Publication venue: 'Elsevier BV'
Publication date: 18/10/2012
Field of study

The establishment of trust relationships to a computing platform relies on validation processes. Validation allows an external entity to build trust in the expected behaviour of the platform based on provided evidence of the platform's configuration. In a process like remote attestation, the 'trusted' platform submits verification data created during a start up process. These data consist of hardware-protected values of platform configuration registers, containing nested measurement values, e.g., hash values, of loaded or started components. Commonly, the register values are created in linear order by a hardware-secured operation. Fine-grained diagnosis of components, based on the linear order of verification data and associated measurement logs, is not optimal. We propose a method to use tree-formed verification data to validate a platform. Component measurement values represent leaves, and protected registers represent roots of a hash tree. We describe the basic mechanism of validating a platform using tree-formed measurement logs and root registers and show an logarithmic speed-up for the search of faults. Secure creation of a tree is possible using a limited number of hardware-protected registers and a single protected operation. In this way, the security of tree-formed verification data is maintained.Comment: 15 pages, 11 figures, v3: Reference added, v4: Revised, accepted for publication in Computers and Securit

arXiv.org e-Print Archive

Crossref

A Blockchain-Assisted Hash-Based Signature Scheme

Author: A Buldas
A Buldas
A Buldas
A Buldas
A Buldas
A Buldas
A Hülsing
A Hülsing
A Hülsing
A Perrig
C Dods
DJ Bernstein
E Dahmen
J Buchmann
J Buchmann
J Buchmann
J Camenisch
JA Buchmann
K Bicakci
L Reyzin
M Blum
N Asokan
R Tamassia
RC Merkle
RJ Anderson
S Even
S Haber
T Malkin
W Diffie
Publication venue: International Association for Cryptologic Research (IACR)
Publication date: 06/06/2019
Field of study

We present a server-supported, hash-based digital signature scheme. To achieve greater efficiency than current state of the art, we relax the security model somewhat. We postulate a set of design requirements, discuss some approaches and their practicality, and finally reach a forward-secure scheme with only modest trust assumptions, achieved by employing the concepts of authenticated data structures and blockchains. The concepts of blockchain authenticated data structures and the presented blockchain design could have independent value and are worth further research

Crossref

Cryptology ePrint Archive