Abstract
Remote attestation is the process in which one computing system, known as the prover, supplies evidence about some claim to another computing system, known as the verifier, which may be located at a remote location. For example, in claiming to be in a correct software state, the prover might supply evidence in the form of a measurement of its current software, or in claiming that a specific trusted authority has given it certain rights, it might supply a cryptographic signature produced by that authority. It is a valuable tool for maintaining the trustworthiness and security of devices and systems in the digital age. However, one major challenge that needs to be addressed to encourage wider adoption of certain remote attestation protocols is privacy. Remote attestation often requires the exchange of sensitive information, which can compromise the privacy of the parties involved and discourage adoption in privacy-critical sectors. This PhD thesis focuses on developing enhanced remote attestation protocols that address the privacy challenge inherent in remote attestation by leveraging Trusted Computing and Privacy-Enhancing Technologies (PETs). The main protocols include: a Trusted Platform Module (TPM)-based protocol that gives verifiers assurance of a platform’s configuration integrity without revealing any platform information; a Control-Flow Attestation (CFA) protocol based on Verifiable Computation that enables even the most resource-constrained computing systems to prove the correct execution of security-critical programs without disclosing any program details; and a protocol that joins commit-carrying zkSNARKs and designated-verifier proofs with Anonymous Credentials as a more privacy-respecting and expressive alternative to traditional authentication protocols.
The aim of these enhanced remote attestation protocols is to encourage wider adoption of remote attestation in this connected world by providing a way for verifiers to reason about a remote prover in a privacy-respecting way without sacrificing security.
Original language | English |
---|---|
Publisher | Technical University of Denmark |
Number of pages | 135 |
Publication status | Published - 2022 |
Fingerprint
Dive into the research topics of 'Convincing Without Revealing: Strategies for Facilitating Remote Attestation under Weakened Trust Assumptions using Privacy-Enhancing Technologies'. Together they form a unique fingerprint.
Projects
- 1 Finished
- Security, Privacy and Trust Issues in Fog Computing
Debes, H. B. (PhD Student), Chen, L. (Examiner), Sadeghi, A.-R. (Examiner), Jensen, C. D. (Main Supervisor) & Giannetsos, A. (Supervisor)
01/01/2020 → 31/08/2023
Project: PhD