Offline untrusted storage with immediate detection of forking and replay attacks

M. Van Dijk, J. Rhodes, L.F.G. Sarmenta, S. Devadas

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

Abstract

We address the problem of using an untrusted server with only a trusted timestamping device (TTD) to provide trusted storage for a large number of clients, where each client may own and use several different devices that may be offline at different times and may not be able to communicate with each other except through the untrusted server (over an untrusted network). We show how a TTD can be implemented using currently available Trusted Platform Module TPM 1.2 technology without having to assume trust in the BIOS, CPU, or OS of the TPM's server. We show how the TTD can be used to implement tamper-evident storage where clients are guaranteed to immediately detect illegitimate modifications to their data (including replay attacks and forking attacks) whenever they wish to perform a critical operation that relies on the freshness and validity of the data. In particular, we introduce and analyze a log-based scheme in which the TTD is used to securely implement a large number of virtual monotonic counters, which can then be used to time-stamp data and provide tamper-evident storage. We present performance results of an actual implementation using PlanetLab and a PC with a TPM 1.2 chip. © 2007 ACM.
Original languageEnglish
Title of host publicationSTC'07 - Proceedings of the 2007 ACM Workshop on Scalable Trusted Computing
Pages41-48
DOIs
Publication statusPublished - 2007
Externally publishedYes
Event2nd ACM Workshop on Scalable Trusted Computing, STC'07 - , United States
Duration: 2 Nov 20072 Nov 2007

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)1543-7221

Conference

Conference2nd ACM Workshop on Scalable Trusted Computing, STC'07
Country/TerritoryUnited States
Period2/11/072/11/07

Fingerprint

Dive into the research topics of 'Offline untrusted storage with immediate detection of forking and replay attacks'. Together they form a unique fingerprint.

Cite this