How to ensure integrity of program execution on a foreign (someone else’s) computer?

I want to run my computer program (or code) on someone else’s computer (with permission from the owner of the computer) and get the results back. How can I make sure the owner is running my program only, for the computation of results? Does …

In relation to TPM specification, what are (e.g.) Apple’s T2 or Google’s Titan chips?

I understand that TPM is a specification and devices conforming to it are called Trusted Platform Modules and they play an important role in trusted computing (as is defined by the same people who make the TPM specifications in the first p…

What’s the difference between the endorsement key and the attestation identity key within the TPM?

I’m trying to make notes about the TPM and what it does. More specifically I’m looking at the 3 RSA key pairs: the ‘endorsement key’, the ‘storage root key’ and the ‘attestation identity key’.
This is what I have written so far:
The ‘Endor…

In an Arm TrustZone based Trusted Application (TA), how can a remote party tie an output to a particular TA?

I’ve been looking at the following figure, which shows how, with the Arm TrustZone architecture, the resources of a system can be divided into a Rich Execution Environment (REE) and a Trusted Execution Environment (TEE).

Here I’m trying to understand …

What Trusted Execution Environment (TEE) solutions exist for mobile devices?

A trusted execution environment (TEE) provides a way for one to deploy tamper-proof programs on a device. The most prominent example of a TEE seems to be Intel SGX for PCs.

What I wonder is, if there exists an equivalent solution for mobile…

How can I create a restricted signing key or attestation key and certify it in TPM 2.0?

I need to create an attestation key (AK) and use it to sign arbitrary data in TPM 2.0. The TCG Guidance documents suggest that some TPMs may come pre-provisioned with an AK that is part of the endorsement hierarchy. I am wondering if ther…