A novel architecture for a secure update of cryptographic engines on trusted platform module

Sunil Malipatlolla; Thomas Feller; Abdulhadi Shoufan; Tolga Arul; Sorin A. Huss

doi:10.1109/FPT.2011.6132676

A novel architecture for a secure update of cryptographic engines on trusted platform module

Sunil Malipatlolla
, Thomas Feller
, Abdulhadi Shoufan
, Tolga Arul
, Sorin A. Huss

Electrical Engineering

Center for Advanced Security Research
Technische Universität Darmstadt

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

6 Scopus citations

Abstract

Trusted computing is gaining an increasing acceptance in the industry and finding its way to cloud computing. With this penetration, the question arises whether the concept of hard-wired security modules will cope with the increasing sophistication and security requirements of future IT systems and the ever expanding threats and violations. So far, embedding cryptographic hardware engines into the Trusted Platform Module (TPM) has been regarded as a security feature. However, new developments in cryptanalysis, side-channel analysis, and the emergence of novel powerful computing systems, such as quantum computers, can render this approach useless. Given that, the question arises: Do we have to throw away all TPMs and loose the data protected by them, if someday a cryptographic engine on the TPM becomes insecure? To address this question, we present a novel architecture called Sustainable Trusted Platform Module (STPM), which guarantees a secure update of the TPM cryptographic engines without compromising the system's trustworthiness. The STPM architecture has been implemented as a proof-of-concept on top of a Xilinx Virtex-5 FPGA platform, demonstrating a test case with an update of the fundamental hash engine of the TPM.

Original language	British English
Title of host publication	2011 International Conference on Field-Programmable Technology, FPT 2011
DOIs	https://doi.org/10.1109/FPT.2011.6132676
State	Published - 2011
Event	2011 International Conference on Field-Programmable Technology, FPT 2011 - New Delhi, India Duration: 12 Dec 2011 → 14 Dec 2011

Publication series

Name	2011 International Conference on Field-Programmable Technology, FPT 2011

Conference

Conference	2011 International Conference on Field-Programmable Technology, FPT 2011
Country/Territory	India
City	New Delhi
Period	12/12/11 → 14/12/11

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

SDG 9 Industry, Innovation, and Infrastructure

Keywords

Cryptography
Field Programmable Gate Arrays
Secure Update
Trusted Platform Module
Trustworthiness

Access to Document

10.1109/FPT.2011.6132676

OpenUrl availability

Full text

Cite this

Malipatlolla, S., Feller, T., Shoufan, A., Arul, T., & Huss, S. A. (2011). A novel architecture for a secure update of cryptographic engines on trusted platform module. In 2011 International Conference on Field-Programmable Technology, FPT 2011 Article 6132676 (2011 International Conference on Field-Programmable Technology, FPT 2011). https://doi.org/10.1109/FPT.2011.6132676

@inproceedings{4cbb9672124144cb9e3fb9642284a7e3,

title = "A novel architecture for a secure update of cryptographic engines on trusted platform module",

abstract = "Trusted computing is gaining an increasing acceptance in the industry and finding its way to cloud computing. With this penetration, the question arises whether the concept of hard-wired security modules will cope with the increasing sophistication and security requirements of future IT systems and the ever expanding threats and violations. So far, embedding cryptographic hardware engines into the Trusted Platform Module (TPM) has been regarded as a security feature. However, new developments in cryptanalysis, side-channel analysis, and the emergence of novel powerful computing systems, such as quantum computers, can render this approach useless. Given that, the question arises: Do we have to throw away all TPMs and loose the data protected by them, if someday a cryptographic engine on the TPM becomes insecure? To address this question, we present a novel architecture called Sustainable Trusted Platform Module (STPM), which guarantees a secure update of the TPM cryptographic engines without compromising the system's trustworthiness. The STPM architecture has been implemented as a proof-of-concept on top of a Xilinx Virtex-5 FPGA platform, demonstrating a test case with an update of the fundamental hash engine of the TPM.",

keywords = "Cryptography, Field Programmable Gate Arrays, Secure Update, Trusted Platform Module, Trustworthiness",

author = "Sunil Malipatlolla and Thomas Feller and Abdulhadi Shoufan and Tolga Arul and Huss, \{Sorin A.\}",

year = "2011",

doi = "10.1109/FPT.2011.6132676",

language = "British English",

isbn = "9781457717406",

series = "2011 International Conference on Field-Programmable Technology, FPT 2011",

booktitle = "2011 International Conference on Field-Programmable Technology, FPT 2011",

note = "2011 International Conference on Field-Programmable Technology, FPT 2011 ; Conference date: 12-12-2011 Through 14-12-2011",

}

Malipatlolla, S, Feller, T, Shoufan, A, Arul, T & Huss, SA 2011, A novel architecture for a secure update of cryptographic engines on trusted platform module. in 2011 International Conference on Field-Programmable Technology, FPT 2011., 6132676, 2011 International Conference on Field-Programmable Technology, FPT 2011, 2011 International Conference on Field-Programmable Technology, FPT 2011, New Delhi, India, 12/12/11. https://doi.org/10.1109/FPT.2011.6132676

A novel architecture for a secure update of cryptographic engines on trusted platform module. / Malipatlolla, Sunil; Feller, Thomas; Shoufan, Abdulhadi et al.
2011 International Conference on Field-Programmable Technology, FPT 2011. 2011. 6132676 (2011 International Conference on Field-Programmable Technology, FPT 2011).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - A novel architecture for a secure update of cryptographic engines on trusted platform module

AU - Malipatlolla, Sunil

AU - Feller, Thomas

AU - Shoufan, Abdulhadi

AU - Arul, Tolga

AU - Huss, Sorin A.

PY - 2011

Y1 - 2011

N2 - Trusted computing is gaining an increasing acceptance in the industry and finding its way to cloud computing. With this penetration, the question arises whether the concept of hard-wired security modules will cope with the increasing sophistication and security requirements of future IT systems and the ever expanding threats and violations. So far, embedding cryptographic hardware engines into the Trusted Platform Module (TPM) has been regarded as a security feature. However, new developments in cryptanalysis, side-channel analysis, and the emergence of novel powerful computing systems, such as quantum computers, can render this approach useless. Given that, the question arises: Do we have to throw away all TPMs and loose the data protected by them, if someday a cryptographic engine on the TPM becomes insecure? To address this question, we present a novel architecture called Sustainable Trusted Platform Module (STPM), which guarantees a secure update of the TPM cryptographic engines without compromising the system's trustworthiness. The STPM architecture has been implemented as a proof-of-concept on top of a Xilinx Virtex-5 FPGA platform, demonstrating a test case with an update of the fundamental hash engine of the TPM.

AB - Trusted computing is gaining an increasing acceptance in the industry and finding its way to cloud computing. With this penetration, the question arises whether the concept of hard-wired security modules will cope with the increasing sophistication and security requirements of future IT systems and the ever expanding threats and violations. So far, embedding cryptographic hardware engines into the Trusted Platform Module (TPM) has been regarded as a security feature. However, new developments in cryptanalysis, side-channel analysis, and the emergence of novel powerful computing systems, such as quantum computers, can render this approach useless. Given that, the question arises: Do we have to throw away all TPMs and loose the data protected by them, if someday a cryptographic engine on the TPM becomes insecure? To address this question, we present a novel architecture called Sustainable Trusted Platform Module (STPM), which guarantees a secure update of the TPM cryptographic engines without compromising the system's trustworthiness. The STPM architecture has been implemented as a proof-of-concept on top of a Xilinx Virtex-5 FPGA platform, demonstrating a test case with an update of the fundamental hash engine of the TPM.

KW - Cryptography

KW - Field Programmable Gate Arrays

KW - Secure Update

KW - Trusted Platform Module

KW - Trustworthiness

UR - https://www.scopus.com/pages/publications/84857201083

U2 - 10.1109/FPT.2011.6132676

DO - 10.1109/FPT.2011.6132676

M3 - Conference contribution

AN - SCOPUS:84857201083

SN - 9781457717406

T3 - 2011 International Conference on Field-Programmable Technology, FPT 2011

BT - 2011 International Conference on Field-Programmable Technology, FPT 2011

T2 - 2011 International Conference on Field-Programmable Technology, FPT 2011

Y2 - 12 December 2011 through 14 December 2011

ER -

A novel architecture for a secure update of cryptographic engines on trusted platform module

Abstract

Publication series

Conference

UN SDGs

Keywords

Access to Document

OpenUrl availability

Other files and links

Fingerprint

Cite this