Periodic Reporting for period 2 - FutureTPM (Future Proofing the Connected World: A Quantum-Resistant Trusted Platform Module)
Reporting period: 2019-07-01 to 2020-12-31
We have also identified a set of QR cryptographic primitives which could replace all of the classes of crypto algorithms supported by the existing TPM technology. Our selection is based on the state-of-the-art researches in the Post-Quantum Cryptography (PQC) field; for example, several digital signatures, asymmetric encryption and key exchange mechanisms are chosen from the latest round of the NIST PQC standardisation process. This set of selected cryptographic mechanisms will be implemented in one of the three TPM environments; namely SW-, HW- and Virtual-based TPM..
In this line of research, the FutureTPM consortium has also designed two lattice-based Direct Anonymous Attestation (DAA) schemes. DAA is an important cryptographic primitive that was originally designed to support user privacy when using a TPM chip. The QR DAA research has not yet been covered by existing standardization efforts. We have implemented one of these two schemes in a software-based TPM environment and we will implement the other DAA variant in the second part of the project.
Furthermore, the project also completed the modelling and formal verification of one of the core services towards building chains of trust based on the secure identification and correct configuration state of deployed devices. The concept of secure remote attestation and all its relevant functionalities was verified such as the creation of the TPM keys, the Enhanced Authorization (EA), and the management of sessions and Platform Configuration Registers. This was also accompanied with a detailed abstraction of the TPM’s building blocks as ideal functionalities and trusted platform command abstractions consisting of specific set of formally specified primitives sufficient to implement the core TPM functionalities beyond the crypto operations. Such a “bottom-up” modelling approach y, based on the use of trusted abstract platform models and idealized functionalities, is more than just a set of proofs of correctness of specific services but it can also enable the security modelling of the TPM as a whole merging various functionalities offered by the different abstraction layers.
Research has culminated to the development of holistic risk assessment framework capable of providing functionalities during both design-time, where an initial risk graph of all possible threats and risks are identified, and run-time, where the risk graph can be updated in order to achieve the required security, trust and privacy properties in the case of newly identified (e.g. zero-day) vulnerabilities.
We have implemented several selected QR cryptographic mechanisms (WP5), with detailed evaluation results been available. A detailed testing was also conducted in the context of the envisioned use cases. An on-boarding of this set of enriched use cases, in the overall FutureTPM framework, was concluded, leading to promising outcomes with regards to the validity of TPM-backed solutions to serve vertical industry needs.
Finally, regarding dissemination, awareness, and standardization activities, it is worth noting the great effort of FutureTPM consortium in clustering with other EU security- and privacy-related research project activities (e.g. PROMETHEUS, PAPAYA, and ASTRID) towards improving “cyber security”. For the latter, a number of actions were taken for the promotion of the project results to the trusted computing community and close follow-up of standardization activities
Except from trusted computing, this project also has a strong impact on other applications of applied cryptography in general. For any application, which requires long-term security for data protection and user privacy, it can follow the outputted research results and technical guidance from this project to make a smooth transition from today’s cryptographic mechanisms to post-quantum cryptographic solutions.