TY - GEN
T1 - The trusted execution module
T2 - 8th IFIP WG 8.8/11.2 International Conference on Smart Card Research and Advanced Applications, CARDIS 2008
AU - Costan, V.
AU - Sarmenta, L.F.G.
AU - Van Dijk, M.
AU - Devadas, S.
PY - 2008
Y1 - 2008
N2 - This paper introduces the Trusted Execution Module (TEM); a high-level specification for a commodity chip that can execute user-supplied procedures in a trusted environment. The TEM is capable of securely executing partially-encrypted procedures/closures expressing arbitrary computation. These closures can be generated by any (potentially untrusted) party who knows the TEM's public encryption key. Compared to a conventional smartcard, which is typically used by pre-programming a limited set of domain- or application-specific commands onto the smartcard, and compared to the Trusted Platform Module (TPM), which is limited to a fixed set of cryptographic functions that cannot be combined to provide general-purpose trusted computing, the TEM is significantly more flexible. Yet we present a working implementation using existing inexpensive Javacard smartcards that does not require any export-restricted technology. The TEM's design enables a new style of programming, which in turn enables new applications. We show that the TEM's guarantees of secure execution enable exciting applications that include, but are not limited to, mobile agents, peer-to-peer multiplayer online games, and anonymous offline payments. © IFIP International Federation for Information Processing 2008.
UR - http://www.scopus.com/inward/record.url?scp=52949106502&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-85893-5_10
DO - 10.1007/978-3-540-85893-5_10
M3 - Conference contribution
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 133
EP - 148
BT - Smart Card Research and Advanced Applications - 8th IFIP WG 8.8/11.2 International Conference, CARDIS 2008, Proceedings
Y2 - 8 September 2008 through 11 September 2008
ER -