Privacy-Preserving Remote Attestation Protocol


Binary Attestation (BA) is a security mechanism which has existed for decades. The goal of BA is to guarantee that the correct software is loaded on a computer system. This is accomplished by applying concepts of Trusted Computing technology. Trusted Computing technologies are: Trusted Platform Module (TPM), measured/trusted boot, and the Linux Integrity Measurement Architecture (IMA), to ensure that a system has booted correctly and authentic software is running. Further, to provide evidence that the systemŠs operational state is trustworthy, a log is generated which contains Ąle names and hash sums of software components. The trustworthiness of the evidence is tied to a TPM. Later on, a remote party is able to verify the evidence if the operational state of the target system is trustworthy, in a process known as Remote Attestation (RA). Cyber-physical systems (such as power grids or nuclear power plants), and vehicular systems (such as railway- or automotive-transportation) are running multiple applications from various vendors. In the case of binary remote attestation, all log entries (such as Ąle names and hash sums of software components) of all running software from all vendors are exposed to the remote party. Thus, the problem of binary remote attestation is that privacy is not preserved. This thesis resolves the privacy deĄciency by designing a privacy-preserving remote attestation approach. The core idea of the approach is to combine the Trusted Computing technology sector with the privacy-enhancing technology area. The approach preserves privacy by blinding all log entries. Hence, the approach reveals the associated (blinded) log entries to the veriĄer by applying the Schnorr Non-Interactive Zero-Knowledge (NIZK) proof over an elliptic curve (Schnorr Signature). This allows the attester to convince the veriĄer that the blinded entry is the actual running software on the attesterŠs system without exposing the other entries. To demonstrate feasibility and practicability of the approach, this thesis implemented a Proof-of-Concept (PoC). This work evaluated the performance and privacy of the PoC. The results show that privacy against the remote party is guaranteed while ensuring integrity and authenticity of the operational state of the attesterŠs system (target system). However, the resource utilization increased during remote attestation while preserving privacy.

TU Wien