Browsing by Subject "trusted platform module (TPM)"
Now showing 1 - 2 of 2
Results Per Page
Sort Options
Item Catching the Cuckoo: Verifying TPM Proximity Using a Quote Timing Side-Channel(Springer, Berlin, Heidelberg, 2011-06-22) Fink, Russell A.; Sherman, Alan T.; Mitchell, Alexander O.; Challener, David C.We present a Trusted Platform Module (TPM) application protocol that detects a certain man in the middle attack where an adversary captures and replaces a legitimate computing platform with an imposter that forwards platform authentication challenges to the captive over a high speed data link. This revised Cuckoo attack allows the imposter to satisfy a user's query of platform integrity, tricking the user into divulging sensitive information to the imposter. Our protocol uses an ordinary smart card to verify the platform boot integrity through TPM quote requests, and to verify TPM proximity by measuring TPM tickstamp times required to answer the quotes. Quotes not answered in an expected amount of time may indicate the presence of an imposter's data link, revealing the Cuckoo attack. We describe a timing model for the Cuckoo attack, and summarize experimental results that demonstrate the feasibility of using timing to detect the Cuckoo attack over practical levels of adversary link speeds.Item Scantegrity III: Automatic Trustworthy Receipts, Highlighting Over/Under Votes, and Full Voter Verifiability(2017) Sherman, Alan T.; Fink, Russell A.; Carback, Richard; Chaum, DavidBuilding on lessons learned from the November 2009 Scantegrity II election in Takoma Park, MD, we propose improvements to the Scantegrity II voting system that (1) automatically print trustworthy receipts for easier on-line verification, (2) highlight ballot features including over/under votes to comply with the Help America Vote Act, and (3) achieve full voter verifiability by eliminating print audits. We call the improved voting system Scantegrity III, which features a new ballot style and a special casting station that highlights ballots and prints receipts. Scantegrity III addresses the major limitations of Scantegrity II and delivers the feature most requested by voters and election officials at the Takoma Park election: printing receipts automatically. We present, analyze, and compare three designs for a Scantegrity receipt printer: a simple image duplicator available to voters in an optional separate station before casting; a mark sense translator, connected to the official ballot scanner, which reads encrypted codenumbers printed on the ballot; and the Scantegrity III casting station, which is an embellished mark sense translator. At the Scantegrity III station, voters cast ballots that include both Scantegrity II codes in invisible ink and Scantegrity I codes in conventional ink; this combination of codes enables print audits to be eliminated. We also design a Trusted Platform Module (TPM) enhancement to bolster privacy, to store keys and verification codes, and to ensure that the correct software is booted. Election integrity does not depend on the correct operation of the TPM. Receipt printers reduce the amount of special voter instruction required, improve accessibility, enable each voter to detect if any additional mark is added to her ballot after casting, and make vote verification easier.