Remote Credential Management with Mutual Attestation for Trusted Execution Environments

Carlton Shepherd, Raja Naeem Akram, Konstantinos Markantonakis

Research output: Chapter in Book/Report/Conference proceedingConference contribution

166 Downloads (Pure)

Abstract

Trusted Execution Environments (TEEs) are rapidly emerging as a root-of-trust for protecting sensitive applications and data using hardware-backed isolated worlds of execution. TEEs provide robust assurances regarding critical algorithm execution, tamper-resistant credential storage, and platform integrity using remote attestation. However, the challenge of remotely managing credentials between TEEs remains largely unaddressed in existing literature. In this work, we present novel protocols using mutual attestation for supporting four aspects of secure remote credential management with TEEs: backups, updates, migration, and revocation. The proposed protocols are agnostic to the underlying TEE implementation and subjected to formal verification using Scyther, which found no attacks.
Original languageEnglish
Title of host publication12th IFIP International Conference on Information Security Theory and Practice (WISTP '18)
PublisherSpringer
Pages157-173
Number of pages17
ISBN (Electronic)978-3-030-20074-9
ISBN (Print)978-3-030-20073-2
DOIs
Publication statusE-pub ahead of print - 12 May 2019
Event12th IFIP International Conference on Information Security Theory and Practice - Brussels, Belgium
Duration: 10 Dec 201811 Dec 2018

Publication series

NameLecture Notes in Computer Science
PublisherSpringer
Volume11469

Conference

Conference12th IFIP International Conference on Information Security Theory and Practice
Abbreviated titleWISTP '18
Country/TerritoryBelgium
CityBrussels
Period10/12/1811/12/18

Cite this