Abstract
Trusted Software Stacks (TSS) are the interfaces between applications and Trusted Platform Modules (TPMs). In order to avoid wrong usage of the stacks which could lead to security holes, they should provide an easy-to-use interface for developers. Moreover, they should be designed in a flexible way to adapt to new requirements resulting from specification or algorithm changes. However, the currently specified TSS interface is highly complex and requires a vast amount of training effort for developers to get familiar with it. Moreover, existing stacks are monolithic blocks of software - they either support the full range of TPM functions which makes them large or they support a customized subset of features which reduces their scope of use. In this paper, we propose a novel design for a Trusted Software Stack (TSS) that can be integrated into existing security frameworks. Instead of designing a new application programming interface (API), our stack uses the APIs from well known and established frameworks, allowing developers that are not familiar with Trusted Computing (TC) to easily adapt to this new technology. Furthermore, our stack supports multiple TPMs, dynamic component loading and Over-The-Air updates that allow the stack to support customized sets of features even after it has been deployed in the field. Moreover, the stack provides built-in support for user authentication and TPM access control. Our prototype stack is developed for the .NET programming environment, thereby eliminating common implementation faults like buffer overflows. Due to the managed nature of the .NET runtime environment, it is portable between different operating systems and can be used on desktop systems as well as on embedded systems without the need for recompiling it for the specific target architecture.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Cross Platform, open source .NET development framework, http://www.mono-project.com/
IBM Software Trusted Platform Module, http://www.ibmswtpm.sourceforge.net/
The Legion of the Bouncy Castle, http://www.bouncycastle.org/
Mono credential passing, documentation http://www.go-mono.com/docs/index.aspx?tlink=18@ecmaf
OpenSSL API, http://www.openssl.org/
Software-based TPM Emulator, http://www.tpm-emulator.berlios.de/
TrouSerS, http://www.trousers.sourceforge.net/
Barthe, G., Fournet, C. (eds.): TGC 2007. LNCS, vol. 4912. Springer, Heidelberg (2008)
Dietrich, K.: Anonymous credentials for java enabled platforms: A performance evaluation. In: Chen, L., Yung, M. (eds.) INTRUST 2009. LNCS, vol. 6163, pp. 88–103. Springer, Heidelberg (2010)
IAIK. jTSS, http://www.trustedjava.sourceforge.net/
IAIK/OpenTC. jTSS Wrapper, http://www.trustedjava.sourceforge.net/
Microsoft. Microsoft cryptoapi and cryptographic service providers (2010), http://technet.microsoft.com/en-us/library/cc962093.aspx
Oracle. Java Cryptography Architecture, http://download.oracle.com/javase/1.5.0/docs/guide/security/CryptoSpec.html
Oracle. Java Cryptography Extension, http://download.oracle.com/javase/1.5.0/docs/guide/security/jce/JCERefGuide.html
PKCS#11: Cryptographic Token Interface Standard, CA. RSA Laboratories, Redwood City (2009), http://www.rsa.com/rsalabs/node.asp?id=2133
Stüble, C., Zaerin, A.: μTSS - A Simplified Trusted Software Stack (2010), http://www.sirrix.de/content/pages/forschungsarbeiten.htm
TCG. TCG Software Stack (TSS) Specification (March 7, 2007), specification http://www.trustedcomputinggroup.org/resources/tcg_software_stack_tss_specification , Specification version 1.2 Level 1 Errata A.
TCG. TPM Main Part 3 Commands (July 9, 2007), specification http://www.trustedcomputinggroup.org/resources/tpm_main_specification , Specification version 1.2 Level 2 Revision 103
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Reiter, A., Neubauer, G., Kapfenberger, M., Winter, J., Dietrich, K. (2011). Seamless Integration of Trusted Computing into Standard Cryptographic Frameworks. In: Chen, L., Yung, M. (eds) Trusted Systems. INTRUST 2010. Lecture Notes in Computer Science, vol 6802. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25283-9_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-25283-9_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25282-2
Online ISBN: 978-3-642-25283-9
eBook Packages: Computer ScienceComputer Science (R0)