A Cloud TPM for Cross-Device Trusted Applications

  • Chen Chen | ETH Zurich

Current Trusted Platform Modules (TPMs) are ill-suited for cross-device scenarios in trusted mobile applications because they hinder the seamless sharing of data across multiple devices. In this talk, I will present cTPM, an extension of the TPM’s design that adds an additional root key to the TPM and shares that root key with the cloud. As a result, the cloud can create and share TPM-protected keys and data across multiple devices owned by one user. Further, the additional key lets the cTPM allocate cloud-backed remote storage so that each TPM can benefit from a trusted real-time clock and high performance, non-volatile storage.

I will show that cTPM is practical, versatile, and easily applicable to trusted mobile applications. This simple change to the TPM specification is viable because its fundamental concepts – a primary root key and offchip, NV storage – are already found in the current specification, TPM 2.0. By avoiding a clean-slate redesign, we sidestep the difficult challenge of re-verifying the security properties of a new TPM design. I will demonstrate cTPM’s versatility with two case studies: extending Pasture with additional functionality, and re-implementing TrInc without the need for extra hardware.

Speaker Details

Chen Chen is a 3rd year Ph.D. student advised by Professor Adrian Perrig in network security group of ETH Zurich. He completed his MS degree from Department of Electrical and Computer Engineering in Carnegie Mellon University, BS degrees from Department of Automation and Department of Applied Mathematics in Tsinghua University. His research interests involve network security and system security in general. Particularly, he enjoys working on secure network architectures design, applying SDN principles to counter network attacks, efficient privacy networks against surveillance, resource accounting in Cloud Computing, and Trust Computing on mobile devices.

Series: Microsoft Research Talks