Remote attestation mechanism of platform configuration based on dynamic Huffman tree
FU Dong-lai1,2, PENG Xin-guang3, CHEN Gou-xi2, YANG Qiu-xiang2
1. College of Computer Science and Technology, Taiyuan University of Technology, Taiyuan Shanxi 030024, China
2. School of Electronics and Computer Science and Technology, North University of China, Taiyuan Shanxi 030051, China
3. College of Computer Science and Technology, Taiyuan University of Technology, Taiyuan Shanxi 030024, China
Abstract: To improve the efficiency of remote attestation of platform configuration, a method building on RAMT (Remote Attestation based on Merkle Hash Tree) is proposed that uses a dynamic Huffman tree to store the hash values of trusted entities, and a proof of its verification efficiency is given. The problems of existing methods are analyzed from the point of view of the data structures used to store the integrity hash values of application software. The architecture, measurement and verification of RADHT (Remote Attestation based on a Dynamic Huffman Tree) are described in detail, and an example of the integrity measurement algorithm is presented for the proposed mechanism. The privacy protection capability and the efficiency of RADHT are discussed. In the comparison with RAMT, both the probability with which an integrity hash value is queried and its updates are taken into account. The results show that the efficiency of remote attestation is improved.