Rigorously proving security of protocols that rely on this type of hardware faces two obstacles. The first is to develop models appropriate for the induced trust assumptions (e.g., what is the correct notion of a party when the peer one wishes to communicate with is a specific instance of an an outsourced program). The second is to develop scalable analysis methods, as the inherent stateful nature of the platforms precludes the application of existing modular analysis techniques that require high degrees of independence between the components.
We give the first steps in this direction by studying three cryptographic tools which have been commonly associated with this new generation of trusted hardware solutions. Specifically, we provide formal security definitions, generic constructions and security analysis for attested computation, key-exchange for attestation and secure outsourced computation. Our approach is incremental: each of the concepts relies on the previous ones according to an approach that is quasi-modular. For example we show how to build a secure outsourced computation scheme from an arbitrary attestation protocol combined together with a key-exchange and an encryption scheme.Category / Keywords: cryptographic protocols / isolated execution environments, trusted hardware, attestation, foundations Original Publication (with major differences): 1st IEEE European Symposium on Security and Privacy, EuroSP 2016 Date: received 7 Jan 2016 Contact author: guillaume scerri at bristol ac uk Available format(s): PDF | BibTeX Citation Version: 20160107:144048 (All versions of this report) Short URL: ia.cr/2016/014 Discussion forum: Show discussion | Start new discussion