Questions tagged [trusted-computing]

Trusted computing is a technology to enhance security of computer systems. The key component is the Trusted Platform Module (TPM). As a hardware device it provides features that software can't. Trusted computing is developed and promoted by the Trusted Computing Group (TCG).

54 questions
142 votes, 4 answers

How to encrypt bytes using the TPM (Trusted Platform Module)

How can I encrypt bytes using a machine's TPM module? CryptProtectData Windows provides a (relatively) simple API to encrypt a blob using the CryptProtectData API, which we can wrap in an easy-to-use function: public Byte[] ProtectBytes(Byte[]…
Ian Boyd
53 votes, 10 answers

Signed executables under Linux

For security reasons, it is desirable to check the integrity of code before execution, avoiding tampered software by an attacker. So, my question is How to sign executable code and run only trusted software under Linux? I have read the work of van…
TH.
17 votes, 3 answers

Can I use Amazon AWS Lambda as a secure enclave for trusted computing?

I would like to use AWS Lambda to perform a computation on behalf of a 3rd party and then prove to them that I did so as intended. A proof would be a cryptographically signed digest of the function body, the request, and the response. Ideally,…
8 votes, 2 answers

Intel SGX Threading and vs TCS

I'm trying to understand the difference between SGX threads enabled by TCS and untrusted threading provided by SDK. If I understand correctly, TCS enables multiple logical processors to enter the same enclave. Each logical processor will have its…
qweruiop
7 votes, 1 answer

How to make sure a piece of code never leaves the CPU cache (L3)?

The latest Intel XEON processors have 30MB of L3 memory, which is enough to fit a thin type 1 Hypervisor. I'm interested in understanding how to keep such a Hypervisor within the CPU, i.e. prevented from being flushed to RAM or, at least, encrypt…
northox
6 votes, 2 answers

What is the difference between Intel TXT and TPM?

What is the difference between Intel TXT and TPM? What more does Intel TXT have to offer compared to TPM? Basically, I wanted to know how TXT works. Any easy-to-follow literature for beginners will be highly appreciated!
Geek
5 votes, 2 answers

A detail about SGX loading

Is it possible to load a program larger than the EPC memory into an enclave? I feel like in theory it is permissible because the OS can swap pages out freely. EEXTEND measures an enclave incrementally by 256 bytes. So in theory, it seems possible to load…
qweruiop
5 votes, 1 answer

How can the extension of the PCR value be replicated with e.g. sha1sum?

This is somewhat related to the post in: Perform OR on two hash outputs of sha1sum. I have a sample set of TPM measurements, e.g. the following: 10 1ca03ef9cca98b0a04e5b01dabe1ff825ff0280a ima 0ea26e75253dc2fda7e4210980537d035e2fb9f8 …
nico
4 votes, 2 answers

Client Application and Trusted Application in Trusted Execution Environment (TEE)

I am new to the TEE (Trusted Execution Environment). Can someone help me with a few basic doubts? AFAIK, every Android mobile device has a separate TEE OS installed along with some predefined TAs (Trusted Applications) to store the secret information…
4 votes, 1 answer

How to set up a TrustZone development environment

I'd like to start playing with ARM TrustZone, so I'd like to set up a development environment. Unfortunately I have the feeling I'm still missing something; I don't know how to put everything together. This is my current picture: A SoC with a…
ruizpauker
4 votes, 0 answers

How to deploy Trusty TEE?

Recently, I have been studying the Trusted Execution Environment, and I found that Android has implemented a TEE OS called Trusty. I followed the instructions on https://source.android.com/security/trusty/ and built the Trusty system. But how can I deploy it? Or…
4 votes, 1 answer

How to extend the running application into PCR?

How to extend the running application into a PCR, and which PCR can be used for it?
Geek
3 votes, 1 answer

Using Intel SGX Remote Attestation in a Client-Server Architecture

Assume the following scenario: we want to implement an open-source password manager that uses a central service that enables the different clients (on different devices) to synchronize their local databases. It doesn't matter if this service is run…
Marc
3 votes, 1 answer

Clearing TPM without owner password

I want to use BeagleBone Black with TPM enabled through CryptoCape. I am following this tutorial in a way I can clear the TPM, because of its compliance mode. When I run tpm_clear -l debug I get a prompt to enter the owner password, which I do not…
Dalton Cézane
3 votes, 1 answer

Intel SGX developer licensing and open-source software

Is it possible to obtain a licensed developer certificate for signing a security-reviewed, community-developed open-source SGX software binary in production mode, and to publish it in an open-source repository like apt or rpm? I just asked Intel SGX…