For the last few years, many commodity computers have come equipped with a Trusted Platform Module (TPM). Existing research shows that the TPM can be used to establish trust in the software executing on a computer. However, at present, there is no standard mechanism for establishing trust in the TPM on a particular machine. Indeed, any straightforward approach falls victim to a Cuckoo attack. In this work, we propose a formal model for establishing trust in a platform. The model reveals the Cuckoo attack problem and suggests potential solutions. Unfortunately, no instantiation of these solutions is fully satisfying, and hence, we pose the development of a fully satisfactory solution as an open question to the community.
In Proceedings of the 3rd USENIX Workshop on Hot Topics in Security (HotSec)
All copyrights reserved by USENIX 2008