Virtual Monotonic Counters and Count-Limited Objects using a TPM without a Trusted OS (Extended Version)
Author(s): Sarmenta, Luis F. G.; van Dijk, Marten; O'Donnell, Charles W.; Rhodes, Jonathan; Devadas, Srinivas
A trusted monotonic counter is a valuable primitive that enables a wide variety of highly scalable offline and decentralized applications that would otherwise be prone to replay attacks, including offline payment, e-wallets, virtual trusted storage, and digital rights management (DRM). In this paper, we show how one can implement a very large number of virtual monotonic counters on an untrusted machine with a Trusted Platform Module (TPM) or similar device, without relying on a trusted OS. We first present a log-based scheme that can be implemented with the current version of the TPM (1.2) and used in certain applications. We then show how the addition of a few simple features to the TPM makes it possible to implement a hash-tree-based scheme that not only offers improved performance and scalability compared to the log-based scheme, but also makes it possible to implement count-limited objects (or "clobs" for short) -- i.e., encrypted keys, data, and other objects that can only be used when an associated virtual monotonic counter is within a certain range. Such count-limited objects include n-time use keys, n-out-of-m data blobs, n-copy migratable objects, and other variants, which have many potential uses in digital rights management (DRM), digital cash, digital voting, itinerant computing, and other application areas.
A shorter version of this paper will appear in the 1st ACM CCS Workshop on Scalable Trusted Computing (STC'06).
Massachusetts Institute of Technology Computer Science and Artificial Intelligence Laboratory
trusted storage, key delegation, stored-value, e-wallet, smartcard, memory integrity checking, certified execution