Building Execution Environments from the Trusted Platform Module

Abstract

In this chapter, we describe attempts at unifying the worlds of hardware and software in which the behaviour of software is controlled by security hardware. We look at technologies born out of the trusted computing movement, describing one of the key technology enablers: the Trusted Platform Module (TPM) specifications from the Trusted Computing Group. We review several widely deployed commercial technologies that use TPMs to build environments in which applications can be executed on an initially untrusted system. Among these technologies, we look at Intel Trusted Execution Technology (Intel TXT) and AMD’s Secure Virtual Machine (AMD SVM) and Secure Encrypted Virtualisation (AMD SEV). Lastly, we discuss several academic and industry projects that, while not commercially deployed, were still influential in the development of modern trusted execution environments.

Notes

  1. For information about the precise functions exposed by SIM cards, see the TS 131 102 [1] standard by the European Telecommunications Standards Institute (ETSI), which maintains specifications as part of the 3rd Generation Partnership Project (3GPP).

  2. Formerly known as the Trusted Computing Platform Alliance between 1999 and 2003.

  3. The notion of a TCB is not restricted to just TPMs; the concept applies to trusted computing platforms more generally. A generic approach to building TEEs is to build a reasonable TCB for maintaining a trusted environment in which applications can execute with additional security assurances.

  4. A “monotonic” counter is one whose value can only increase but not decrease (or decrease but not increase).

  5. This is firmware that executes on the TPM itself, not the host machine.

  6. What is deemed “moderate” attack potential—or, indeed, “low” or “high”—is derived using a scoring system that considers an attacker’s expertise, knowledge of the target, security testing equipment, and other elements. We refer to [17] and Sect. 4.3.1 of Chap. 4 for more precise details about the definitions of each EAL.

References

  1. European Telecommunications Standards Institute, ETSI TS 131 102 (version 15.8.0) (2020). https://www.etsi.org/deliver/etsi_ts/131100_131199/131102/15.08.00_60/ts_131102v150800p.pdf

  2. Trusted Computing Group (TCG), Member companies (2023). https://trustedcomputinggroup.org/membership/member-companies/

  3. Trusted Computing Group (TCG), TCG Glossary 1.1, Rev. 1.00 (2017)

  4. Trusted Platform Module Library Family “2.0” Specification: Parts 1–4 and Code, Rev. 1.59 (2019). https://trustedcomputinggroup.org/wp-content/uploads/Trusted-Platform-Module-Library-Family-2.0-Level-00-Revision-1.59_pub.zip

  5. International Standards Organisation, ISO/IEC 11889—Information technology—Trusted platform module library (2015)

  6. Trusted Computing Group (TCG), TPM Library Specification Family “2.0”—Protection Profile PC Client Specific TPM (2021). https://trustedcomputinggroup.org/wp-content/uploads/TCG_PCClient_PP_1p3_for_Library_1p59_pub_29sept2021.pdf

  7. Trusted Computing Group (TCG), TCG TSS 2.0 Overview and Common Structures Specification (2019). https://trustedcomputinggroup.org/wp-content/uploads/TSS_Overview_Common_v1_r10_pub09232021.pdf

  8. TCG Trusted Platform Module Library Part 3: Commands (2019). https://trustedcomputinggroup.org/wp-content/uploads/TCG_TPM2_r1p59_Part3_Commands_code_pub.pdf

  9. tpm2-software community, Linux TPM2 & TSS2 Software (2023). https://tpm2-software.github.io

  10. P. Kleissner, Stoned bootkit, in Black Hat USA (2009), pp. 5–7

  11. Trusted Computing Group (TCG), TCG PC Client Platform TPM Profile Specification for TPM 2.0 (version 1.05, revision 14) (2020). https://trustedcomputinggroup.org/wp-content/uploads/PC-Client-Specific-Platform-TPM-Profile-for-TPM-2p0-v1p05p_r14_pub.pdf

  12. E. Brickell, J. Camenisch, L. Chen, Direct anonymous attestation, in Proceedings of the 11th ACM Conference on Computer and Communications Security (2004), pp. 132–145

  13. E. Brickell, L. Chen, J. Li, A new direct anonymous attestation scheme from bilinear maps, in Proceedings of the 1st International Conference on Trusted Computing and Trust in Information Technologies (Springer, Berlin, 2008), pp. 166–178

  14. W. Arthur, D. Challener, K. Goldman, History of the TPM, in A Practical Guide to TPM 2.0: Using the New Trusted Platform Module in the New Age of Security (2015), pp. 1–5

  15. D. Gligoroski, S. Andova, S.J. Knapskog, On the importance of the key separation principle for different modes of operation, in Proceedings of the 4th Conference on Information Security Practice and Experience (Springer, Berlin, 2008), pp. 404–418

  16. Trusted Computing Group (TCG), TPM Main: Part 1 Design Principles (Version 1.2) (2003). https://trustedcomputinggroup.org/wp-content/uploads/tpmwg-mainrev62_Part1_Design_Principles.pdf

  17. Common Criteria for Information Technology Security Evaluation, Part 3: Security Assurance Requirements; Version 3.1, Revision 5, CCMB-2017-04-003 (2017)

  18. AMD, AMD64 Architecture Programmer’s Manual Volume 2: System Programming (2023). https://www.amd.com/system/files/TechDocs/24593.pdf

  19. Intel, Inc., Intel® 64 and IA-32 Architectures Software Developer’s Manual—Volume 2D: Instruction Set Reference (2016). https://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developer-vol-2d-manual.pdf

  20. ARM, DRTM architecture for ARM (2022). https://developer.arm.com/documentation/den0113/b

  21. Trusted Computing Group (TCG), TCG D-RTM Architecture (version 1.0) (2013). https://trustedcomputinggroup.org/wp-content/uploads/TCG_D-RTM_Architecture_v1-0_Published_06172013.pdf

  22. A. Carroll, M. Juarez, J. Polk, T. Leininger, Microsoft Palladium: a business overview, in Microsoft Content Security Business Unit, vol. 5 (2002). https://download.microsoft.com/documents/australia/corporateaffairs/palladium_white_paper_public.pdf

  23. M. Peinado, Y. Chen, P. England, J. Manferdelli, NGSCB: a trusted open system, in 9th Australasian Conference on Information Security and Privacy (Springer, Berlin, 2004), pp. 86–97

  24. ExtremeTech, Microsoft’s Palladium: A new security initiative (2002). https://www.extremetech.com/extreme/51450-microsofts-palladium-a-new-security-initiative

  25. Q. Liu, R. Safavi-Naini, N.P. Sheppard, Digital rights management for content distribution, in Conferences in Research and Practice in Information Technology Series, vol. 34 (2003), pp. 49–58

  26. E. Mills, Whatever happened to Microsoft’s DRM plan? (2008). https://www.cnet.com/culture/whatever-happened-to-microsofts-drm-plan/

  27. N. Ferguson, AES-CBC+ Elephant diffuser: a disk encryption algorithm for Windows Vista (2006). https://www.cise.ufl.edu/~nemo/cis4360/refs/bitlocker.pdf

  28. Microsoft, BitLocker overview (2022). https://learn.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-overview

  29. Microsoft, BitLocker countermeasures (2022). https://learn.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-countermeasures

  30. Intel, Inc., Intel Trusted Execution Technology (Intel TXT): Software Development Guide—Measured Launch Environment Developer’s Guide (2022)

  31. Intel, Inc., Intel Trusted Execution Technology (TXT) (2018). https://www.intel.com/content/www/us/en/developer/articles/tool/intel-trusted-execution-technology.html

  32. Intel, Inc., Intel® Trusted Execution Technology (Intel® TXT) Enabling Guide (2014)

  33. AMD, Secure Encrypted Virtualization API (version 0.24) (2020). https://www.amd.com/system/files/TechDocs/55766_SEV-KM_API_Specification.pdf

  34. AMD, AMD SEV-SNP: Strengthening VM isolation with integrity protection and more (2020). https://www.amd.com/system/files/TechDocs/SEV-SNP-strengthening-vm-isolation-with-integrity-protection-and-more.pdf

  35. P. Kocher, J. Horn, A. Fogh, D. Genkin, D. Gruss, W. Haas, M. Hamburg, M. Lipp, S. Mangard, T. Prescher, et al., Spectre attacks: exploiting speculative execution. Commun. ACM 63(7), 93–101 (2020)

  36. J.M. McCune, B.J. Parno, A. Perrig, M.K. Reiter, H. Isozaki, Flicker: an execution infrastructure for TCB minimization, in Proceedings of the 3rd ACM SIGOPS European Conference on Computer Systems (2008), pp. 315–328

  37. J.M. McCune, Y. Li, N. Qu, Z. Zhou, A. Datta, V. Gligor, A. Perrig, TrustVisor: efficient TCB reduction and attestation, in IEEE Symposium on Security and Privacy (IEEE, New York, 2010), pp. 143–158

  38. OpenHub, Xen Project (Hypervisor) (2023). https://www.openhub.net/p/xenproject-hypervisor/analyses/latest/languages_summary

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this chapter

Shepherd, C., Markantonakis, K. (2024). Building Execution Environments from the Trusted Platform Module. In: Trusted Execution Environments. Springer, Cham. https://doi.org/10.1007/978-3-031-55561-9_5

  • DOI: https://doi.org/10.1007/978-3-031-55561-9_5

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-55560-2

  • Online ISBN: 978-3-031-55561-9