The privacy aspect of TPM attestation
Pia Andrews Conservatory | Mon 25 Jan 2:25 p.m.–3:10 p.m.
Presented by
-
Imran Desai
@imranodesai
https://www.linkedin.com/in/imranodesai/
Imran is a software engineer in the Open-Source-Security team at Intel
Corporation's System-Software-Engineering group. For the past year, Imran has
been one of the maintainers of the tpm2-software project
(https://tpm2-software.github.io) hosted on GitHub and has been contributing to
the project since an early stage. In his current and previous roles at Intel,
Imran has been collaborating with several engineering teams to help with the
development and deployment of various security technologies including Intel (R)
Platform Trust Technology.
-
Embedded Security Software Developer @ Infineon Technologies AG, developing the next generation of Trusted Platform Modules (TPM) and ePassports.
Former TPM Subsystem Maintainer.
Open Source and Linux enthusiast for 15+ years - advocating the use and support of open source within my organization.
Project lead for the Infineon-sponsored work on the ESAPI/FAPI part of the TPM Software Stack, in collaboration with Fraunhofer SIT and Intel.
Part-time lecturer @ University of Applied Sciences Augsburg.
Youth Leader @ German Alpine Club
Abstract
As digital computing continues to become ubiquitous, it has become indispensable
to accurately measure the trust in the systems we interact with, especially
remotely. With the advent of IoT, platform security and privacy design goals,
and the solutions that address them, continue to become increasingly varied. One of
the reliable and standard choices for accurately assessing trust in a system is
to use a trusted platform module (TPM) to cryptographically prove the system's
software state through a process called attestation.
After a brief introduction to remote attestation, this talk will examine
the privacy aspects of remote attestation within the TPM 2.0 specification.
We will explore how specific TPM2 commands work in the context of the
remote attestation use case, highlight which data and information are exchanged
during the process, and point out some features that augment the security and
privacy of the end user.
This enables system designers to compare and/or customize the existing
attestation frameworks to achieve their specific security and privacy goals and
evaluate them for their real-world use cases.