70 Hits in 6.3 sec

TPM-FAIL: TPM meets Timing and Lattice Attacks [article]

Daniel Moghimi, Berk Sunar, Thomas Eisenbarth, Nadia Heninger
2019 arXiv   pre-print
We further highlight the impact of these vulnerabilities by demonstrating a remote attack against a StrongSwan IPsec VPN that uses a TPM to generate the digital signatures for authentication.  ...  In this work, we perform a black-box timing analysis of TPM 2.0 devices deployed on commodity computers.  ...  Acknowledgments We thank Lejla Batina and the anonymous reviewers for their valuable comments for improving the quality of this paper.  ... 
arXiv:1911.05673v1 fatcat:55jhnkpkzjhptcpkhbongn6dta

One TPM to Bind Them All: Fixing TPM 2.0 for Provably Secure Anonymous Attestation

Jan Camenisch, Liqun Chen, Manu Drijvers, Anja Lehmann, David Novick, Rainer Urian
2017 2017 IEEE Symposium on Security and Privacy (SP)  
The specification of the most recent TPM 2.0 interfaces for direct anonymous attestation unfortunately has a number of severe shortcomings.  ...  Second, they provide a Diffie-Hellman oracle w.r.t. the secret key of the TPM, weakening the security and preventing forward anonymity of attestations.  ...  PROVABLY SECURE DAA SCHEMES We now show how to use the proposed TPM interfaces to build provably secure direct anonymous attestation protocols.  ... 
doi:10.1109/sp.2017.22 dblp:conf/sp/CamenischCDLNU17 fatcat:ed6na7g5kfbg3dxuxb2sz5v3ey

Securing Soft IP Cores in FPGA based Reconfigurable Mobile Heterogeneous Systems [article]

Alberto Carelli, Cataldo Basile, Alessandro Savino, Alessandro Vallero, Stefano Di Carlo
2019 arXiv   pre-print
Finally, we provide a prototype implementation of the proposed architectures.  ...  scenario requiring trust relationship between entities, and a more complex scenario where no trust relationship exists through adoption of the Direct Anonymous Attestation protocol.  ...  A recent side channel attack on TPM 2.0 devices is presented in [58] , where the authors are able to recover 256bit private keys for ECDSA signatures Intel firmware-based TPM as well as a hardware TPM  ... 
arXiv:1912.00696v1 fatcat:hzog3clk7ngwvi73f4jj4djpry

Research on Linux Trusted Boot Method Based on Reverse Integrity Verification

Chenlin Huang, Chuanwang Hou, Huadong Dai, Yan Ding, Songling Fu, Mengluo Ji
2016 Scientific Programming  
Trusted computing aims to build a trusted computing environment for information systems with the help of secure hardware TPM, which has been proved to be an effective way against network security threats  ...  To solve the problem of lacking trusted hardware in existing computing platform, an alternative security hardware USBKey is introduced in this paper to simulate the basic functions of TPM and a new reverse  ...  In 2004, Brickell and other scholars proposed TPM-based direct anonymous attestation (DAA) program [13] , which utilized zero-knowledge proof and group signature technology to prove the identity of the  ... 
doi:10.1155/2016/4516596 fatcat:hibiqvpyb5hurakz5hzi2fdqja

Anonymous Attestation Using the Strong Diffie Hellman Assumption Revisited [chapter]

Jan Camenisch, Manu Drijvers, Anja Lehmann
2016 Lecture Notes in Computer Science  
Direct Anonymous Attestation (DAA) is a cryptographic protocol for privacy-protecting authentication. It is standardized in the TPM standard and implemented in millions of chips.  ...  As a side-result of independent interest, we prove that the BBS+ signature scheme is secure in the type-3 pairing setting, allowing for our scheme to be used with the most efficient pairing-friendly curves  ...  Introduction Direct anonymous attestation (DAA) is a cryptographic authentication protocol that lets a platform, consisting of a secure element and a host, create anonymous attestations.  ... 
doi:10.1007/978-3-319-45572-3_1 fatcat:vxmeefeybff4jdxyfyv7lgua3u

Universally Composable Direct Anonymous Attestation [chapter]

Jan Camenisch, Manu Drijvers, Anja Lehmann
2016 Lecture Notes in Computer Science  
Direct Anonymous Attestation (DAA) is one of the most complex cryptographic algorithms that has been deployed in practice.  ...  We therefore propose a realization that is based on a DAA scheme supported by the TPM 2.0 standard and prove it secure in our model. An extended abstract of this work was published at PKC2016.  ...  Introduction Direct Anonymous Attestation (DAA) allows a small chip, the Trusted Platform Module (TPM), that is embedded in a host computer to create attestations about the state of the host system.  ... 
doi:10.1007/978-3-662-49387-8_10 fatcat:ilfx45lxzjbl3pxtyjyui2htcu

Shared Mobility for Transport and Its Environmental Impact VeSIPreS: A Vehicular Soft Integrity Preservation Scheme for Shared Mobility

Valaenthin Tratter, Mudassar Aslam, Shahid Raza, Qi-zhou Hu
2021 Journal of Advanced Transportation  
This paper also provides a proof-of-concept implementation with a TPM, demonstrating its application and deployment feasibility and presentig a security analysis to show the security of VeSIPreS.  ...  VeSIPreS uses Trusted Platform Module (TPM) in the central gateway, which anchors trust in our proposed solution.  ...  Conflicts of Interest e authors declare that they have no conflicts of interest. Journal of Advanced Transportation  ... 
doi:10.1155/2021/5569331 fatcat:xzbpj2vxobcr7lkd7t2jdz7hui

Formal Analysis of Enhanced Authorization in the TPM 2.0

Jianxiong Shao, Yu Qin, Dengguo Feng, Weijin Wang
2015 Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security - ASIA CCS '15  
In our paper, we conduct a formal verification of the EA mechanism. Firstly, we propose a model of the TPM 2.0 EA mechanism in a variant of the applied pi calculus.  ...  Enhanced Authorization (EA) is a new mechanism introduced by the TPM 2.0 to provide a rich authorization model for specifying flexible access control policies for TPM-resident objects.  ...  Acknowledgments We would like to thank all the anonymous reviewers who have reviewed our work and have provided us with valuable feedbacks.  ... 
doi:10.1145/2714576.2714610 dblp:conf/ccs/ShaoQFW15 fatcat:nq35btrz3rcu3a6og6n4zjlr3m

P4G2Go: A Privacy-Preserving Scheme for Roaming Energy Consumers of the Smart Grid-to-Go

Aristeidis Farao, Eleni Veroni, Christoforos Ntantogian, Christos Xenakis
2021 Sensors  
Our scheme is complemented by the MASKER protocol, used to protect the consumption readings, and the FIDO2 protocol for strong and passwordless authentication.  ...  We have implemented the main components of P4G2Go, to quantitatively assess its performance.  ...  Conflicts of Interest: The authors declare no conflict of interest.  ... 
doi:10.3390/s21082686 pmid:33920337 fatcat:be7kfo5cjrelnmsfe6rnqxatlm

A Cryptographic Mutual Authentication Scheme for Web Applications

Yassine Sadqi, Ahmed Asimi, Younes Asimi
2014 International journal of network security and its applications  
The majority of current web authentication is built on username/password. Unfortunately, password replacement offers more security, but it is difficult to use and expensive to deploy.  ...  In this paper, we propose a new mutual authentication scheme called StrongAuth which preserves most password authentication advantages and simultaneously improves security using cryptographic primitives  ...  The lack of a standard form-based authentication and the limited security background of webmasters, has created a set of unique design and implementation choices, which contain various authentication flaws  ... 
doi:10.5121/ijnsa.2014.6601 fatcat:wx3xukfdabduddsp34juq6vwp4

Survey on cyberspace security

HuanGuo Zhang, WenBao Han, XueJia Lai, DongDai Lin, JianFeng Ma, JianHua Li
2015 Science China Information Sciences  
This paper gives a comprehensive introduction to research and development in this field, with a description of existing problems and some currently active research topics in the areas of cyberspace itself  ...  Cyberspace is the collection of all information systems; it is the information environment for human survival. Therefore, it is necessary to ensure the security of cyberspace.  ...  Acknowledgements This work was supported by National Natural Science Foundation of China (Grant Nos. 2014CB340601, 61332019, 61379139, U1135002, U1405255, 61431008, 2013CB329603).  ... 
doi:10.1007/s11432-015-5433-4 fatcat:b2tv6gvovngxhlz7iukug2ehiy

Authentication for Integrated Circuit and Devices Using Blockchain and Physical Unclonable Functions

Alessandro Augusto Nunes Campos, Tales Cleber Pimenta
2022 Journal of Integrated Circuits and Systems  
This work presents a new integration of two technologies: Blockchains networks, which implement a kind of decentralized and inviolable database, which can increase resilience, security and guarantee against  ...  In this sense, there is a constant and growing demand for new solutions that can allow reliability in the use and authenticity of components and devices.  ...  This belief is supported a lot of times by the use of Trusted Platform Module (TPMs) and Hardware Secure Modules (HSMs), which are devices designed with high-security platforms for critical processes  ... 
doi:10.29292/jics.v17i1.555 fatcat:4vipfu64ejhynnwmmkkwgv6c5a

A Comprehensive Formal Security Analysis and Revision of the Two-phase Key Exchange Primitive of TPM 2.0 [article]

Qianying Zhang, Shijun Zhao
2020 arXiv   pre-print
The Trusted Platform Module (TPM) version 2.0 provides a two-phase key exchange primitive which can be used to implement three widely-standardized authenticated key exchange protocols: the Full Unified  ...  To make TPM 2.0 applicable to real-world networks, we present a revision of the key exchange primitive of TPM 2.0, which can be secure without the limiting conditions.  ...  To prevent active attacks, AKE protocols usually use digital signatures or message authentication codes (MAC) to explicitly authenticate the messages exchanged [8] [9] [10] [11] .  ... 
arXiv:1906.06653v2 fatcat:sdhbtf43fvb5feeazo7exw2vzu

Smart Grid Metering Networks: A Survey on Security, Privacy and Open Research Issues

Pardeep Kumar, Yun Lin, Guangdong Bai, Andrew Paverd, Jin Song Dong, Andrew Martin
2019 IEEE Communications Surveys and Tutorials  
Based on the presented threats, we derive a set of security and privacy requirements for SG metering networks.  ...  Specifically, we present a threat taxonomy considering: (i) threats in system-level security, (ii) threats and/or theft of services, and (iii) threats to privacy.  ...  authentication Cons: implements only a limited subset security functionalities, lack of security analysis  ... 
doi:10.1109/comst.2019.2899354 fatcat:67bz5glcfbbldpqagxmhvy2ssm

PRESTvO: PRivacy Enabled Smartphone based access To vehicle On-board units

Bogdan Groza, Tudor Andreica, Adriana Berdich, Pal-Stefan Murvay, Horatiu Gurban
2020 IEEE Access  
Further, to assure the appropriate security, we develop a protocol suite using identity-based cryptography and we rely on group signatures which preserve the anonymity of group members thus assuring privacy  ...  We use a rights-based access control policy for in-vehicle functionalities similar to the case of a file allocation table of a contemporary OS, in which read, write or execute operations can be performed  ...  But as for future, more practical embodiments of our work, the use of specific Android security mechanisms or relying on hardware security, e.g., TPM 2.0 functions, may be projected.  ... 
doi:10.1109/access.2020.3003574 fatcat:iewrjgwvjrguljmihye52qqeau
« Previous Showing results 1 — 15 out of 70 results