Hash-Based TPM Signatures for the Quantum World
  • Keywords: Post-quantum; Trusted Platform Module (TPM); Attestation Identity Key (AIK); Merkle trees
  • Journal: Lecture Notes in Computer Science
  • Publication year: 2016
  • Publication date: 2016
  • Year: 2016
  • Volume: 9696
  • Issue: 1
  • Pages: 77-94
  • Full text size: 289 KB
  • Author affiliations: Megumi Ando (16)
    Joshua D. Guttman (16)
    Alberto R. Papaleo (16)
    John Scire (17)

    16. The MITRE Corporation, Bedford, MA, USA
    17. Stevens Institute of Technology, Hoboken, NJ, USA
  • Series: Applied Cryptography and Network Security
  • ISBN: 978-3-319-39555-5
  • Category: Computer Science
  • Subjects: Artificial Intelligence and Robotics
    Computer Communication Networks
    Software Engineering
    Data Encryption
    Database Management
    Computation by Abstract Devices
    Algorithm Analysis and Problem Complexity
  • Publisher: Springer Berlin / Heidelberg
  • ISSN: 1611-3349
  • Volume order: 9696
Abstract
Trusted Platform Modules (TPMs) provide trust and attestation services to the platforms they reside on, using public key encryption and digital signatures among other cryptographic operations. However, the current standards mandate primitives that will be insecure in the presence of quantum computers. In this paper, we study how to eliminate these insecure primitives. We replace RSA-based digital signatures with a hash-based scheme. We show that this scheme can be implemented using reasonable amounts of space on the TPM. We also show how to protect the TPM from rollback attacks against these state-sensitive signature operations.
