TY - GEN
T1 - A novel architecture for a secure update of cryptographic engines on trusted platform module
AU - Malipatlolla, Sunil
AU - Feller, Thomas
AU - Shoufan, Abdulhadi
AU - Arul, Tolga
AU - Huss, Sorin A.
PY - 2011
Y1 - 2011
N2 - Trusted computing is gaining an increasing acceptance in the industry and finding its way to cloud computing. With this penetration, the question arises whether the concept of hard-wired security modules will cope with the increasing sophistication and security requirements of future IT systems and the ever-expanding threats and violations. So far, embedding cryptographic hardware engines into the Trusted Platform Module (TPM) has been regarded as a security feature. However, new developments in cryptanalysis, side-channel analysis, and the emergence of novel powerful computing systems, such as quantum computers, can render this approach useless. Given that, the question arises: Do we have to throw away all TPMs and lose the data protected by them, if someday a cryptographic engine on the TPM becomes insecure? To address this question, we present a novel architecture called Sustainable Trusted Platform Module (STPM), which guarantees a secure update of the TPM cryptographic engines without compromising the system's trustworthiness. The STPM architecture has been implemented as a proof-of-concept on top of a Xilinx Virtex-5 FPGA platform, demonstrating a test case with an update of the fundamental hash engine of the TPM.
AB - Trusted computing is gaining an increasing acceptance in the industry and finding its way to cloud computing. With this penetration, the question arises whether the concept of hard-wired security modules will cope with the increasing sophistication and security requirements of future IT systems and the ever-expanding threats and violations. So far, embedding cryptographic hardware engines into the Trusted Platform Module (TPM) has been regarded as a security feature. However, new developments in cryptanalysis, side-channel analysis, and the emergence of novel powerful computing systems, such as quantum computers, can render this approach useless. Given that, the question arises: Do we have to throw away all TPMs and lose the data protected by them, if someday a cryptographic engine on the TPM becomes insecure? To address this question, we present a novel architecture called Sustainable Trusted Platform Module (STPM), which guarantees a secure update of the TPM cryptographic engines without compromising the system's trustworthiness. The STPM architecture has been implemented as a proof-of-concept on top of a Xilinx Virtex-5 FPGA platform, demonstrating a test case with an update of the fundamental hash engine of the TPM.
KW - Cryptography
KW - Field Programmable Gate Arrays
KW - Secure Update
KW - Trusted Platform Module
KW - Trustworthiness
UR - http://www.scopus.com/inward/record.url?scp=84857201083&partnerID=8YFLogxK
U2 - 10.1109/FPT.2011.6132676
DO - 10.1109/FPT.2011.6132676
M3 - Conference contribution
AN - SCOPUS:84857201083
SN - 9781457717406
T3 - 2011 International Conference on Field-Programmable Technology, FPT 2011
BT - 2011 International Conference on Field-Programmable Technology, FPT 2011
T2 - 2011 International Conference on Field-Programmable Technology, FPT 2011
Y2 - 12 December 2011 through 14 December 2011
ER -