UPBA: User-Authenticated Property-Based Attestation

Mark Manulis and Marion Steiner. UPBA: User-Authenticated Property-Based Attestation. In Privacy, Security and Trust (PST), 2011 Ninth Annual International Conference on. 2011, 112-119.

Abstract: Remote attestation of computing platforms, using trusted hardware, guarantees the integrity, and by this the trustworthiness of a host to remote parties. While classical binary attestation attests the configuration itself, property-based attestation (PBA) attests properties and thus offers higher privacy guarantees to the host and its user. Nonetheless, both techniques are free from any user authentication mechanisms. Especially in distributed applications involving user interactions, the remote party may require assurance for the trustworthiness of the host and the authenticity of its user. Independence of user authentication from platform attestation may become an obstacle due to potential relay attacks. The User-Authenticated Property-Based Attestation (UPBA), introduced in this work, can assure a remote party that some computing platform is trustworthy, and that it is used at that very moment by some particular user. Our basic protocol is secure and practical. We prove its security formally, discuss its compatibility with current trusted computing technology, and illustrate several nice enhancements.

Article abstract on IEEE Xplore Digital Library

An accepted version of the IEEE-copyrighted article, as well as the presentation, is available here as a PDF download:

Download PDF article (1 MB)  Download PDF presentation (454 KB)