
Beginning DAA installation, list of conclusion thoughts

master
Michael Preisach 5 years ago
parent
commit
d76fee3349
  1. 36
      thesis/04_implementation.tex
  2. 21
      thesis/05_outlook.tex
  3. BIN
      thesis/MAIN.pdf
  4. 18
      thesis/MAIN.tex
  5. 10
      thesis/config.tex

36
thesis/04_implementation.tex

@ -295,13 +295,45 @@ IMA-Settings erklären.
Available on Ubuntu, RedHat and optionally Gentoo. Available on Ubuntu, RedHat and optionally Gentoo.
The kernel has the correct compile options set. The kernel has the correct compile options set.
\subsection{Handling external hardware}4 \subsection{Handling external hardware}
How can camera and fingerprint sensor be trusted? How can camera and fingerprint sensor be trusted?
What is the limitation of this solution? What is the limitation of this solution?
\section{Direct Anonymous Attestation} \section{Using the DAA Protocol}
Direct anonymous attestation is a group signature scheme which uses the TPM as cryptoprocessor and key store.
The feature of identifiable instances of sensors is not required when interacting with the Digidow network.
Only the \emph{trusted} state of the sensor system and the membership in the corresponding group is relevant.
Hence, the group membership is an essential part to provide trust to the users, requiring a deep knowledge on what hardware and software is installed and which vulnerabilities it might have.
The DAA group membership states that the system is provisioned from a trusted party, namely the DAA issuer.
The level of trust is ultimative since the used version of DAA is only partly dynamic by lacking support of membership removal.
During a Digidow transaction, the sensor attests its state by signing a message containing the IMA log and the PCR registers.
Any party interacting with the sensor is then able to check trustworthiness via integrity and valid membership of the sensor.
We describe in the following which programs need to be installed and what configuration is required to demonstrate a working implementation of DAA.
\subsection{Provision Hosts of Test Setup}
The demonstration setup, shown in \autoref{fig:prototype} consists of three independent hosts which are connected together via TCP/IP.
Every host represent one party in the DAA scheme, each requiring additional software to support the DAA protocol over TCP/IP.
Xaptums ECDAA library need to be installed on all three hosts.
However, the hosts representing issuer and verifier do not require TPM support.
Similar to that, the ECDAA network wrapper has to be installed on every host.
The member needs, besides DAA protocol support, software to capture and process the image of the USB webcam.
We use a small program called \texttt{sensor-capture} for capturing a face image from a webcam.
For biometric processing, we transform the image into an embedding.
This is done with the face recognition prototype of Digidow\footnote{\url{https://git.ins.jku.at/proj/digidow/prototype-facerecognition}}.
\subsubsection{Installing Xaptum ECDAA Library}
\begin{itemize}
\item \emph{DAA issuer}: The issuer needs the Xaptum ecdaa library and the ecdaa network wrapper which is provided with
\end{itemize}
DAA Project from Xaptum: Working DAA handshake and possible TPM integration. DAA Project from Xaptum: Working DAA handshake and possible TPM integration.
Requires an Attestation Key which is secured with a password policy. Requires an Attestation Key which is secured with a password policy.
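Review bot: the itemize opened with \begin{itemize} closes after a single, unfinished item ("...the ecdaa network wrapper which is provided with"), so the member and verifier entries announced by the surrounding prose (three hosts, \texttt{sensor-capture}, the face recognition prototype) are missing; complete the list or mark it with a TODO before committing. Two statements in the new prose need precision: "The level of trust is ultimative since the used version of DAA is only partly dynamic by lacking support of membership removal" reads as if missing revocation strengthened trust, whereas it means an issued credential cannot be withdrawn, i.e. a compromised sensor remains a valid group member; state that as a limitation. And "the sensor attests its state by signing a message containing the IMA log and the PCR registers" does not say how the verifier binds that signature to the current transaction; spell out where the verifier's nonce (or equivalent freshness value) enters the signed message, otherwise the text describes a proof that could be reused. Grammar: "Every host represent" -> "represents", "Xaptums ECDAA library need" -> "Xaptum's ECDAA library needs", "deep knowledge on" -> "deep knowledge of", a comma after \autoref{fig:prototype}, and the casing of "ECDAA"/"ecdaa" should be made consistent.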

21
thesis/05_outlook.tex

@ -4,8 +4,23 @@
These are the test results These are the test results
\section{Limitations} \section{Limitations}
Still hard to set up a system like that. Documentation available for TPM APIs, but no changelog for \texttt{tpm2-tools}.
Documentation is available, but hardly any implementations for DAA and IMA.
Trusted boot and IMA can just handle static resources like files, kernel modules and firmware of hardware components.
Code transmitted over network or otherwse dynamically generated can not be recognized.
This is an open door for non-persistent attacks.
Documentation on IMA is mostly outdated and so are some tools.
Further customization of rules may be useful to reduce log size.
However major Linux distributions support IMA by default on recent releases.
Complexity of verifying system state is too high and is connected to system complexity.
Reducing number of dependencies and relevant file count is key for this problem.
Implemented DAA does not support a full dynamic group scheme.
This might be useful in the future, maybe with a custom implementation of a recent DAA version.
\section{Future Work} \section{Future Work}
\subsection{Closing the chain of trust between TPM manufacturer and DAA issuer} \subsection{Closing the chain of trust between TPM manufacturer and DAA issuer}
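Review bot: "Code transmitted over network or otherwse dynamically generated can not be recognized. This is an open door for non-persistent attacks." has a typo ("otherwise") and leaves the scope of the limitation undefined: the preceding sentence already says IMA handles static resources such as files, kernel modules and firmware, so say explicitly that "non-persistent" means code that never lands in a measured file and therefore never triggers a measurement. The DAA limitation two sentences later ("does not support a full dynamic group scheme", i.e. no revocation) is a separate problem and should not be read as part of the IMA gap. "Still hard to set up a system like that." is a fragment ("Setting up such a system is still hard."), and "However major Linux distributions" needs a comma after "However".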
@ -15,6 +30,8 @@ Activate a credential with to certify that the Membership key is in the Endorsem
\item Practical approach: with EK, AK and AIK to show validity of EK:\\ \url{https://ericchiang.github.io/post/tpm-keys/?utm_campaign=Go%20Full-Stack&utm_medium=email&utm_source=Revue%20newsletter#credential-activation} \item Practical approach: with EK, AK and AIK to show validity of EK:\\ \url{https://ericchiang.github.io/post/tpm-keys/?utm_campaign=Go%20Full-Stack&utm_medium=email&utm_source=Revue%20newsletter#credential-activation}
\end{itemize} \end{itemize}
Further integration in the Digidow environment if DAA is useful for that.
\section{Outlook} \section{Outlook}
Hardening of the system beyond IMA useful. Hardening of the system beyond IMA useful.
Minimization also useful, because the logging gets shorter. Minimization also useful, because the logging gets shorter.
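Review bot: "Further integration in the Digidow environment if DAA is useful for that." is a sentence fragment placed inside the "Closing the chain of trust between TPM manufacturer and DAA issuer" subsection although it is about a different topic; give it its own \subsection (or move it to \section{Outlook}) and state the condition, e.g. "Further integration into the Digidow environment, provided DAA proves useful for it." The cited URL in the context line still carries utm_campaign/utm_medium/utm_source tracking parameters, which should be stripped from a thesis reference.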

BIN
thesis/MAIN.pdf

Binary file not shown.

18
thesis/MAIN.tex

@ -81,14 +81,16 @@
\pagestyle{scrheadings} \pagestyle{scrheadings}
\clearpairofpagestyles \clearpairofpagestyles
\ifeng %\ifeng
\ohead*{\includegraphics[width=3cm]{cover/jkuen.png}} % \ohead*{\includegraphics[width=3cm]{cover/jkuen.png}}
\else %\else
\ohead*{\includegraphics[width=3cm]{cover/jkude.png}} % \ohead*{\includegraphics[width=3cm]{cover/jkude.png}}
\fi %\fi
\ifoot*{\date} %\ifoot*{\date}
\cfoot*{\author} %\cfoot*{\author}
\ohead*{\rightmark}
%\ofoot*{\pagemark}
\ofoot*{\pagemark/\pageref{LastPage}} \ofoot*{\pagemark/\pageref{LastPage}}
\setkomafont{pageheadfoot}{\sffamily\scriptsize} \setkomafont{pageheadfoot}{\sffamily\scriptsize}
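Review bot: the \ifeng...\fi block, \ifoot*{\date} and \cfoot*{\author} are commented out instead of deleted, and a commented %\ofoot*{\pagemark} is added directly above the live \ofoot*{\pagemark/\pageref{LastPage}}; git keeps the history, so delete the dead lines rather than leaving eight % lines in the preamble. Dropping date and author from the footer and replacing the logo header with \ohead*{\rightmark} silently changes the page layout; confirm that this is intended, and check whether \ifeng is still referenced elsewhere, otherwise remove its definition as well.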

10
thesis/config.tex

@ -27,14 +27,14 @@
\def\elementB{Submission} \def\elementB{Submission}
\def\elementBB{\textbf{Institute for Networks and Security}} \def\elementBB{\textbf{Institute for Networks and Security}}
\def\elementC{First Supervisor} \def\elementC{Supervisor}
\def\elementCC{Univ.-Prof.\@ DI Dr.\@ \textbf{René Mayrhofer}} \def\elementCC{Univ.-Prof.\@ DI Dr.\@ \textbf{René Mayrhofer}}
\def\elementD{Second Supervisor} \def\elementD{}
\def\elementDD{DI \textbf{Tobias Höller}} \def\elementDD{}
\def\elementE{Assistant Thesis Supervisor / Mitbetreuung} \def\elementE{}
\def\elementEE{Dr.\@ \textbf{Michael Roland}} \def\elementEE{}
%% Hier Datum eingeben (Monat der Abgabe im Prüfungs- und Anerkennungsservice): %% Hier Datum eingeben (Monat der Abgabe im Prüfungs- und Anerkennungsservice):
%% Enter the date (Month and year of submission to Examination and Recognition Services): %% Enter the date (Month and year of submission to Examination and Recognition Services):
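Review bot: \elementD, \elementDD, \elementE and \elementEE are emptied rather than removed; if the cover template prints these macros unconditionally, the title page will show empty label rows or stray blank lines, so either guard them in the cover code (e.g. \ifx\elementD\empty) or drop the macros together with their uses. The change also removes two supervisors (Tobias Höller, Michael Roland) from the title page, which the commit message does not mention; state that this is deliberate.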
