Top

Published in:

2020 | OriginalPaper | Chapter

A Symbolic Model for Systematically Analyzing TEE-Based Protocols

Authors : Shiwei Xu, Yizhi Zhao, Zhengwei Ren, Lingjuan Wu, Yan Tong, Huanguo Zhang

Published in: Information and Communications Security

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Trusted Execution Environment (TEE) has been widely used as an approach to provide an isolated storage and computation environment for various protocols, and thus security features of TEE determine how to design these protocols. In practice, however, new TEE-based protocols are often designed empirically, and a lack of comprehensive analysis against real threat models easily results in vulnerabilities and attacks. Unlike most past work focusing on communication channels or secure enclaves, we present a formal model for TEE-based protocols, which includes a detailed threat model taking into account attacks from both network and TEE-based platforms together with a scalable multiset-rewriting modelling framework instantiated by Tamarin. Based on the proposed threat model and formalism, we use Tamarin to systematically and automatically analyze related offline and web-based protocols considering all combination of threats. The results and comparison highlight the protocols’ advantages and weaknesses inherited from TEE-based platforms. Moreover, we also capture some vulnerabilities that are difficult to be found under the traditional threat model and propose corresponding fixes.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter CoinBot: A Covert Botnet in the Cryptocurrency Network

next chapter New Practical Public-Key Deniable Encryption

Available only for authorised users

Lebedev, I., Hogan, K., Devadas, S.: Invited paper: secure boot and remote attestation in the sanctum processor. In: Proceedings of the CSF, Oxford, UK, pp. 46–60 (2018)

Lee, S., Lee, J.-H.: TEE based session key establishment protocol for secure infotainment systems. Des. Autom. Embed. Syst. 22(3), 215–224 (2018). https://doi.org/10.1007/s10617-018-9212-5CrossRef

Sawtooth. PoET 1.0 Specification. https://sawtooth.hyperledger.org/docs/core/nightly/master/architecture/poet.html. Accessed 1 May 2020

Machiry, A., Gustafson, E., Spensky, C., et al.: BOOMERANG: exploiting the semantic gap in trusted execution environments. In: Proceedings of the NDSS, San Diego, CA, USA (2017)

Bulck, J.V., Oswald, D., Marin, E., Aldoseri, A., Garcia, F.D., Piessens, F.: A tale of two worlds: assessing the vulnerability of enclave shielding runtimes. In: Proceedings of the CSS, London, UK, pp. 1741–1758 (2019)

Bulck, J.V., Piessens, F., Strackx, R.: SGX-step: a practical attack framework for precise enclave execution control. In: Proceedings of the SysTEX, Shanghai, China, pp. 1–6 (2017)

Smyth, B., Ryan, M., Chen, L.: Formal analysis of anonymity in ECC-based direct anonymous attestation schemes. In: Barthe, G., Datta, A., Etalle, S. (eds.) FAST 2011. LNCS, vol. 7140, pp. 245–262. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29420-4_16CrossRef

Delaune, S., Kremer, S., Ryan, M.D., Steel, G.: A formal analysis of authentication in the TPM. In: Degano, P., Etalle, S., Guttman, J. (eds.) FAST 2010. LNCS, vol. 6561, pp. 111–125. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19751-2_8CrossRef

Shao, J., Qin, Y., Feng, D., Wang, W.: Formal analysis of enhanced authorization in the TPM 2.0. In: Proceedings of the AsiaCCS, Singapore, pp. 273–284 (2015)

10.

Sinha, R., Rajamani, S., Seshia, S., Vaswani, K.: Moat: verifying confidentiality of enclave programs. In: Proceedings of the CCS, Denver, Colorado, USA, pp. 1169–1184 (2015)

11.

Datta, A., Franklin, J., Garg, D., Kaynar, D.: A logic of secure systems and its application to trusted computing. In: Proceedings of the S&P, Berkeley, CA, USA, pp. 221–236 (2009)

12.

Jia, L., Sen, S., Garg, D., Datta, A.: A logic of programs with interface-confined code. In: Proceedings of the CSF, Verona, Italy, pp. 512–525 (2015)

13.

Jacomme, C., Kremer, S., Scerri, G.: Symbolic models for isolated execution environments. In: Proceedings of the EuroS&P, Paris, France, pp. 127–141 (2017)

14.

Bai, G., Hao, J., Wu, J., Liu, Y., Liang, Z., Martin, A.: TrustFound: towards a formal foundation for model checking trusted computing platforms. In: Jones, C., Pihlajasaari, P., Sun, J. (eds.) FM 2014. LNCS, vol. 8442, pp. 110–126. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-06410-9_8CrossRef

15.

Meier, S., Schmidt, B., Cremers, C., Basin, D.: The TAMARIN prover for the symbolic analysis of security protocols. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 696–701. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39799-8_48CrossRef

16.

The Tamarin Team. Tamarin-Prover Manual. https://tamarin-prover.github.io/manual/index.html. Accessed 1 May 2020

17.

Conference-author. Tamarin scripts for TEE-based protocols. https://github.com/conference-author/TEEBasedPro/. Accessed 3 May 2020

18.

ARM. Trusted Firmware-A Documentation. https://trustedfirmware-a.readthedocs.io/en/latest/. Accessed 1 May 2020

19.

Lowe, G.: A hierarchy of authentication specification. In: Proceedings of the CSFW, Rockport, Massachusetts, USA, pp. 31–44 (1997)

20.

FIDO. Web Authentication: An API for accessing Public Key Credentials Level 1. https://www.w3.org/TR/webauthn-1/. Accessed 1 May 2020

21.

FIDO. FIDO ECDAA Algorithm. https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v2.0-id-20180227.html. Accessed 1 May 2020

22.

Chen, L., Li, J.: Flexible and scalable digital signatures in TPM 2.0. In: Proceedings of the NDSS, Berlin, Germany, pp. 37–48 (2013)

Title: A Symbolic Model for Systematically Analyzing TEE-Based Protocols
Authors: Shiwei Xu
Yizhi Zhao
Zhengwei Ren
Lingjuan Wu
Yan Tong
Huanguo Zhang
Publisher: Springer International Publishing
Book: Information and Communications Security
Print ISBN: 978-3-030-61077-7

Electronic ISBN: 978-3-030-61078-4

Copyright Year: 2020
DOI: https://doi.org/10.1007/978-3-030-61078-4_8

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner