| dc.contributor.advisor |
Srini Devadas |
|
| dc.contributor.author |
Sarmenta, Luis F. G. |
|
| dc.contributor.author |
van Dijk, Marten |
|
| dc.contributor.author |
O'Donnell, Charles W. |
|
| dc.contributor.author |
Rhodes, Jonathan |
|
| dc.contributor.author |
Devadas, Srinivas |
|
| dc.contributor.other |
Computation Structures |
|
| dc.date.accessioned |
2006-09-11T22:20:24Z |
|
| dc.date.available |
2006-09-11T22:20:24Z |
|
| dc.date.issued |
2006-09-11 |
|
| dc.identifier.other |
MIT-CSAIL-TR-2006-064 |
|
| dc.identifier.uri |
http://hdl.handle.net/1721.1/33966 |
|
| dc.description.abstract |
A trusted monotonic counter is a valuable primitive thatenables a wide variety of highly scalable offlineand decentralized applications that would otherwise be prone to replay attacks, including offline payment, e-wallets, virtual trusted storage, and digital rights management (DRM).In this paper, we show how one can implement a very large number of virtual monotonic counters on an untrusted machine with a Trusted Platform Module (TPM) or similar device, without relying on a trusted OS. We first present a log-based scheme that can be implemented with the current version of the TPM (1.2) and used incertain applications.We then show how the addition of a few simple features tothe TPM makes it possible to implement a hash-tree-based schemethat not only offers improved performance and scalability compared to the log-based scheme, but also makes it possible to implement count-limited objects (or ``clobs'' for short) -- i.e., encrypted keys, data, and other objectsthat can only be used when an associated virtual monotonic counter is within a certain range.Such count-limited objects include n-time use keys, n-out-of-m data blobs,n-copy migratable objects, and other variants, which have many potential uses in digital rights management (DRM), digital cash, digital voting, itinerant computing,and other application areas. |
|
| dc.description.provenance |
Made available in DSpace on 2006-09-11T22:20:24Z (GMT). No. of bitstreams: 2
MIT-CSAIL-TR-2006-064.pdf: 430350 bytes, checksum: d0ea5f40f3f2a40b47464087c2937197 (MD5)
MIT-CSAIL-TR-2006-064.ps: 694048 bytes, checksum: 4c7654a0d049089df95f501e60a05d4e (MD5) |
en |
| dc.format.extent |
18 p. |
|
| dc.format.extent |
430350 bytes |
|
| dc.format.extent |
694048 bytes |
|
| dc.format.mimetype |
application/pdf |
|
| dc.format.mimetype |
application/postscript |
|
| dc.language.iso |
en_US |
|
| dc.relation.ispartofseries |
Massachusetts Institute of Technology Computer Science and Artificial Intelligence Laboratory |
|
| dc.subject |
trusted storage |
|
| dc.subject |
key delegation |
|
| dc.subject |
stored-value |
|
| dc.subject |
e-wallet |
|
| dc.subject |
smartcard |
|
| dc.subject |
memory integrity checking |
|
| dc.subject |
certified execution |
|
| dc.title |
Virtual Monotonic Counters and Count-Limited Objects using a TPM without a Trusted OS (Extended Version) |
|
| dc.identifier.citation |
A shorter version of this paper will appear in the 1st ACM CCS Workshop on Scalable Trusted Computing (STC'06). |
|
