Bootstrapping Trust in a "Trusted" Platform

Bryan Parno

Abstract

For the last few years, many commodity computers have come equipped with a Trusted Platform Module (TPM). Existing research shows that the TPM can be used to establish trust in the software executing on a computer. However, at present, there is no standard mechanism for establishing trust in the TPM on a particular machine. Indeed, any straightforward approach falls victim to a Cuckoo attack. In this work, we propose a formal model for establishing trust in a platform. The model reveals the Cuckoo attack problem and suggests potential solutions. Unfortunately, no instantiation of these solutions is fully satisfying, and hence, we pose the development of a fully satisfactory solution as an open question to the community.

Details

Publication typeInproceedings
Published inProceedings of the 3rd USENIX Workshop on Hot Topics in Security (HotSec)
PublisherUSENIX
> Publications > Bootstrapping Trust in a "Trusted" Platform