UPBA: User-Authenticated Property-Based Attestation

Manulis, M and Steiner, M (2011) UPBA: User-Authenticated Property-Based Attestation In: 9th PST 2011, 2011-07-19 - 2011-07-21, Montreal, Canada.

	Text MaSt_PST11.pdf Restricted to Repository staff only Available under License : See the attached licence file. Download (1MB)
	Text (licence) SRI_deposit_agreement.pdf Restricted to Repository staff only Download (33kB)

Abstract

Remote attestation of computing platforms, using trusted hardware, guarantees the integrity, and by this the trustworthiness of a host to remote parties. While classical binary attestation attests the configuration itself, property-based attestation (PBA) attests properties and thus offers higher privacy guarantees to the host and its user. Nonetheless, both techniques are free from any user authentication mechanisms. Especially in distributed applications involving user interactions, the remote party may require assurance for the trustworthiness of the host and the authenticity of its user. Independence of user authentication from platform attestation may become an obstacle due to potential relay attacks. The User-Authenticated Property-Based Attestation (UPBA), introduced in this work, can assure a remote party that some computing platform is trustworthy, and that it is used at that very moment by some particular user. Our basic protocol is secure and practical. We prove its security formally, discuss its compatibility with current trusted computing technology, and illustrate several nice enhancements.

Item Type:	Conference or Workshop Item (UNSPECIFIED)
Divisions :	Surrey research (other units)
Authors :	Manulis, M and Steiner, M
Date :	19 July 2011
DOI :	10.1109/PST.2011.5971972
Contributors :	Contribution Name Email ORCID http://www.loc.gov/loc.terms/relators/PBL IEEE,
Depositing User :	Symplectic Elements
Date Deposited :	28 Mar 2017 13:43
Last Modified :	23 Jan 2020 12:57
URI:	http://epubs.surrey.ac.uk/id/eprint/755167

Actions (login required)

View Item

Downloads