Authenticated Operation of Open Computing Devices
We describe how an open computing device can be extended to allow individual programs and operating systems to have exclusive access to cryptographic keys. This problem is of fundamental importance in areas such as virus protection, protection of servers from network attacks, network administration and copy protection. We seek a system that can be unconditionally robust against software attacks. This requires measures in hardware and in software. Our analysis allows us to minimize the amount of additional hardware needed to support the system.
KeywordsComputing Device Central Processing Unit Access Control Policy Access Control Model Exclusive Access
Unable to display preview. Download preview PDF.
- 1.DOD 5200.28-STD. Department of defense trusted computer system evaluation criteria. December 1985.Google Scholar
- 2.Trusted Computing Platform Alliance. TCPA main specification version 1.1. http://www.trustedpc.org, 2001.
- 3.W. A. Arbaugh, D. J. Faber, and J. M. Smith. A secure and reliable bootstrap architecture. In Proceedings of the 1997 IEEE Symposium on Security and Privacy, pages 65–71, 1997.Google Scholar
- 4.D. Aucsmith. Tamper-resistant software: An implementation. In Ross Anderson, editor, Information hiding: first international workshop, Cambridge, U.K., volume 1174 of Lecture Notes in Computer Science, pages 317–333. Springer-Verlag, 1996.Google Scholar
- 5.B. Barak, O. Goldreich, R. Impagliazzo, S. Rudich, A. Sahai, S. Vadhan, and K. Yang. On the (im)possibility of obfuscating programs. In Advances in Cryptology-CRYPTO 2001, pages 1–18. Springer-Verlag, 2001.Google Scholar
- 6.M. Bellare, R. Canetti, and H. Krawczyk. Keying hash functions for message authentication. In Advances in Cryptology-Crypto’96, number 1109 in Lecture Notes in CS, 1996.Google Scholar
- 7.P. England, J. DeTreville, and B. Lampson. A trusted open platform. Unpublished.Google Scholar
- 8.N. Itoi, W. A. Arbaugh, S. J. Pollack, and D. M. Reeves. Personal secure booting. In V. Varadharajan and Y. Mu, editors, Information Security and Privacy-6th Australasian Conference, ACISP 2001. Springer-Verlag, 2001.Google Scholar
- 10.B. Lampson, M. Abadi, and M. Burrows. Authentication in distributed systems: Theory and practice. ACM Transactions on Computer Systems, 10:265–310, November 1992.Google Scholar
- 11.A. Menezes, P. van Oorschot, and S. Vanstone. Handbook of Applied Cryptography. CRC Press, 1997.Google Scholar
- 12.S. W. Smith and V. Austel. Trusting trusted hardware: Towards a formal model for programmable secure coprocessors. In Proceedings of the Third USENIX Workshop on Electronic Commerce, pages 83–98, 1998.Google Scholar
- 13.S. W. Smith, E. R. Palmer, and S. Weingart. Using a high-performance, programmable secure coprocessor. In Proceedings of the Second International Conference on Financial Cryptography. Springer-Verlag, 1998.Google Scholar
- 15.B. Yee. Using Secure Coprocessors. PhD thesis, Carnegie Mellon University, 1994.Google Scholar