Remote Credential Management with Mutual Attestation for Trusted Execution Environments

Abstract : Trusted Execution Environments (TEEs) are rapidly emerging as a root-of-trust for protecting sensitive applications and data using hardware-backed isolated worlds of execution. TEEs provide robust assurances regarding critical algorithm execution, tamper-resistant credential storage, and platform integrity using remote attestation. However, the challenge of remotely managing credentials between TEEs remains largely unaddressed in existing literature. In this work, we present novel protocols using mutual attestation for supporting four aspects of secure remote credential management with TEEs: backups, updates, migration, and revocation. The proposed protocols are agnostic to the underlying TEE implementation and subjected to formal verification using Scyther, which found no attacks.
Document type: Conference papers

Cited literature: 25 references

https://hal.archives-ouvertes.fr/hal-02294612
Contributor: Hal Ifip
Submitted on: Monday, September 23, 2019 - 3:50:02 PM
Last modification on: Monday, September 23, 2019 - 3:52:04 PM

File

Restricted access
To satisfy the distribution rights of the publisher, the document is embargoed until: 2022-01-01

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Citation

Carlton Shepherd, Raja Akram, Konstantinos Markantonakis. Remote Credential Management with Mutual Attestation for Trusted Execution Environments. 12th IFIP International Conference on Information Security Theory and Practice (WISTP), Dec 2018, Brussels, Belgium. pp.157-173, ⟨10.1007/978-3-030-20074-9_12⟩. ⟨hal-02294612⟩
