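@comment{
  Bibliography, part 1: cryptographic building blocks for DAA / anonymous
  attestation, and the trusted-computing and measured-boot references.
  Conventions used throughout: author names in "Last, First" form, month
  as a bare macro (jan..dec), page ranges with "--", acronyms in titles
  brace-protected, DOIs stored bare (no resolver prefix), corporate
  authors double-braced, and no empty fields.
}

@article{schnorr91,
  author  = {Schnorr, Claus-Peter},
  title   = {Efficient Signature Generation by Smart Cards},
  journal = {Journal of Cryptology},
  volume  = {4},
  pages   = {161--174},
  year    = {1991},
  month   = jan,
  doi     = {10.1007/BF00196725},
}

@inproceedings{cramer98,
  author    = {Cramer, Ronald and Shoup, Victor},
  title     = {A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack},
  booktitle = {Advances in Cryptology -- {CRYPTO} '98},
  series    = {Lecture Notes in Computer Science},
  volume    = {1462},
  publisher = {Springer},
  pages     = {13--25},
  year      = {1998},
}

@inproceedings{camenisch04,
  author    = {Camenisch, Jan and Lysyanskaya, Anna},
  title     = {Signature Schemes and Anonymous Credentials from Bilinear Maps},
  booktitle = {Advances in Cryptology -- {CRYPTO} 2004},
  series    = {Lecture Notes in Computer Science},
  volume    = {3152},
  publisher = {Springer},
  pages     = {56--72},
  year      = {2004},
  month     = aug,
  doi       = {10.1007/978-3-540-28628-8_4},
}

@inproceedings{camenisch16,
  author    = {Camenisch, Jan and Drijvers, Manu and Lehmann, Anja},
  editor    = {Cheng, Chen-Mou and Chung, Kai-Min and Persiano, Giuseppe and Yang, Bo-Yin},
  title     = {Universally Composable Direct Anonymous Attestation},
  booktitle = {Public-Key Cryptography -- {PKC} 2016},
  publisher = {Springer Berlin Heidelberg},
  address   = {Berlin, Heidelberg},
  pages     = {234--264},
  year      = {2016},
  month     = mar,
  isbn      = {978-3-662-49386-1},
  doi       = {10.1007/978-3-662-49387-8_10},
}

@inproceedings{camenisch16b,
  author    = {Camenisch, Jan and Drijvers, Manu and Lehmann, Anja},
  editor    = {Franz, Michael and Papadimitratos, Panos},
  title     = {Anonymous Attestation Using the Strong {Diffie-Hellman} Assumption Revisited},
  booktitle = {Trust and Trustworthy Computing},
  publisher = {Springer International Publishing},
  address   = {Cham},
  pages     = {1--20},
  year      = {2016},
  doi       = {10.1007/978-3-319-45572-3_1},
}

@inproceedings{barreto05,
  author    = {Barreto, Paulo and Naehrig, Michael},
  title     = {Pairing-Friendly Elliptic Curves of Prime Order},
  booktitle = {Selected Areas in Cryptography -- {SAC} 2005},
  series    = {Lecture Notes in Computer Science},
  volume    = {3897},
  publisher = {Springer},
  pages     = {319--331},
  year      = {2005},
  month     = aug,
  doi       = {10.1007/11693383_22},
}

@inproceedings{camenisch97,
  author    = {Camenisch, Jan and Stadler, Markus},
  title     = {Efficient Group Signature Schemes for Large Groups},
  booktitle = {Advances in Cryptology -- {CRYPTO} '97},
  series    = {Lecture Notes in Computer Science},
  volume    = {1296},
  publisher = {Springer},
  year      = {1997},
}

@comment{
  chen09 and chen10 were byte-identical duplicates of the same paper
  (same DOI, same pages); chen09 is kept as a biblatex key alias via
  "ids" so existing \cite{chen09} calls still resolve.
}
@inproceedings{chen10,
  ids       = {chen09},
  author    = {Chen, Liqun and Page, Dan and Smart, Nigel},
  title     = {On the Design and Implementation of an Efficient {DAA} Scheme},
  booktitle = {Trusted Systems -- {INTRUST} 2009},
  series    = {Lecture Notes in Computer Science},
  volume    = {6163},
  publisher = {Springer},
  pages     = {223--237},
  year      = {2010},
  doi       = {10.1007/978-3-642-12510-2_16},
}

@inproceedings{camenisch17,
  author    = {Camenisch, Jan and Chen, Liqun and Drijvers, Manu and Lehmann, Anja and Novick, David and Urian, Rainer},
  title     = {One {TPM} to Bind Them All: Fixing {TPM} 2.0 for Provably Secure Anonymous Attestation},
  booktitle = {2017 {IEEE} Symposium on Security and Privacy ({SP})},
  publisher = {IEEE},
  pages     = {901--920},
  year      = {2017},
  month     = may,
  doi       = {10.1109/SP.2017.22},
}

@article{winkler11,
  author  = {Winkler, Thomas and Rinner, Bernhard},
  title   = {Securing Embedded Smart Cameras with Trusted Computing},
  journal = {EURASIP Journal on Wireless Communications and Networking},
  volume  = {2011},
  year    = {2011},
  month   = jan,
  doi     = {10.1155/2011/530354},
}

@book{arthur15,
  author    = {Arthur, Will and Challener, David and Goldman, Kenneth},
  title     = {A Practical Guide to {TPM} 2.0},
  publisher = {Apress},
  year      = {2015},
  month     = jan,
  doi       = {10.1007/978-1-4302-6584-9},
}

@book{proudler14,
  author    = {Proudler, Graeme and Chen, Liqun and Dalton, Chris},
  title     = {Trusted Computing Platforms},
  publisher = {Springer},
  year      = {2014},
  month     = jan,
  doi       = {10.1007/978-3-319-08744-3},
}

@online{pornkitprasan19-diskencryption,
  author  = {Pornkitprasan, Pawit},
  title   = {Full Disk Encryption on {Arch Linux} Backed by {TPM} 2.0},
  year    = {2019},
  month   = jul,
  url     = {https://medium.com/@pawitp/full-disk-encryption-on-arch-linux-backed-by-tpm-2-0-c0892cab9704},
  urldate = {2020-02-27},
}

@online{pornkitprasan19-tpmtools,
  author  = {Pornkitprasan, Pawit},
  title   = {It's Certainly Annoying That {TPM2-Tools} Like to Change Their Command Line Parameters},
  year    = {2019},
  month   = oct,
  url     = {https://medium.com/@pawitp/its-certainly-annoying-that-tpm2-tools-like-to-change-their-command-line-parameters-d5d0f4351206},
  urldate = {2020-02-27},
}

@online{tevora-secureboot,
  author  = {{Tevora}},
  title   = {Configuring {Secure Boot} + {TPM} 2},
  year    = {2019},
  month   = jun,
  url     = {https://threat.tevora.com/secure-boot-tpm-2/},
  urldate = {2020-06-19},
}

@online{pornkitprasan19-secureboot,
  author  = {Pornkitprasan, Pawit},
  title   = {The Correct Way to Use {Secure Boot} with {Linux}},
  year    = {2019},
  month   = jul,
  url     = {https://medium.com/@pawitp/the-correct-way-to-use-secure-boot-with-linux-a0421796eade},
  urldate = {2020-02-27},
}

@online{tpmsoftware20,
  author  = {{TPM2 Software Community}},
  title   = {{TPM2} Tools},
  year    = {2020},
  url     = {https://github.com/tpm2-software/tpm2-tools},
  urldate = {2020-05-15},
}

@online{smith18-dealing-sb,
  author  = {Smith, Rod},
  title   = {Managing {EFI} Boot Loaders for {Linux}: Dealing with {Secure Boot}},
  year    = {2018},
  month   = jul,
  url     = {https://www.rodsbooks.com/efi-bootloaders/secureboot.html},
  urldate = {2020-02-27},
}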
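@comment{
  Bibliography, part 2: Secure Boot / measured-boot documentation,
  firmware- and TPM-level attacks, and the DAA / ECDAA specifications.
  Same conventions as part 1: "Last, First" names, month macros, "--"
  page ranges, brace-protected acronyms, bare DOIs, double-braced
  corporate authors, no empty fields. Where an @online entry's year and
  its citation key disagree (tcg20, mitre18, XattrMan2021) the key is
  kept unchanged because documents may already cite it.
}

@online{smith18-controlling-sb,
  author  = {Smith, Rod},
  title   = {Managing {EFI} Boot Loaders for {Linux}: Controlling {Secure Boot}},
  year    = {2018},
  month   = jul,
  url     = {https://www.rodsbooks.com/efi-bootloaders/controlling-sb.html},
  urldate = {2020-02-27},
}

@online{corbet16,
  author  = {Corbet, Jonathan},
  title   = {Protecting Systems with the {TPM}},
  year    = {2016},
  month   = feb,
  url     = {https://lwn.net/Articles/674751/},
  urldate = {2020-02-27},
}

@online{kernelsecurity18,
  title         = {{Linux} Kernel Integrity},
  year          = {2018},
  month         = mar,
  url           = {https://kernsec.org/wiki/index.php/Linux_Kernel_Integrity},
  urldate       = {2020-02-27},
  internal-note = {original entry had an empty author field; no maintainer name is recorded for this wiki page},
}

@inproceedings{chevalier19,
  author    = {Chevalier, Ronny and Cristalli, Stefano and Hauser, Christophe and Shoshitaishvili, Yan and Wang, Ruoyu and Kruegel, Christopher and Vigna, Giovanni and Bruschi, Danilo and Lanzi, Andrea},
  title     = {{BootKeeper}: Validating Software Integrity Properties on Boot Firmware Images},
  booktitle = {Proceedings of the Ninth {ACM} Conference on Data and Application Security and Privacy},
  series    = {CODASPY '19},
  publisher = {Association for Computing Machinery},
  pages     = {315--325},
  year      = {2019},
  month     = mar,
  doi       = {10.1145/3292006.3300026},
}

@inproceedings{butterworth13,
  author    = {Butterworth, John and Kallenberg, Corey and Kovah, Xeno and Herzog, Amy},
  title     = {{BIOS} Chronomancy: Fixing the Core Root of Trust for Measurement},
  booktitle = {Proceedings of the 2013 {ACM} {SIGSAC} Conference on Computer and Communications Security},
  series    = {CCS '13},
  publisher = {Association for Computing Machinery},
  pages     = {25--36},
  year      = {2013},
  month     = nov,
  doi       = {10.1145/2508859.2516714},
}

@inproceedings{moghimi20-tpmfail,
  author    = {Moghimi, Daniel and Sunar, Berk and Eisenbarth, Thomas and Heninger, Nadia},
  title     = {{TPM-FAIL}: {TPM} Meets Timing and Lattice Attacks},
  booktitle = {29th {USENIX} Security Symposium ({USENIX} Security 20)},
  publisher = {{USENIX} Association},
  address   = {Boston, MA},
  year      = {2020},
  month     = aug,
  url       = {https://www.usenix.org/conference/usenixsecurity20/presentation/moghimi},
}

@inproceedings{BriCamChe04,
  author    = {Brickell, Ernie and Camenisch, Jan and Chen, Liqun},
  title     = {Direct Anonymous Attestation},
  booktitle = {Proceedings of the 11th {ACM} Conference on Computer and Communications Security},
  series    = {CCS '04},
  publisher = {Association for Computing Machinery},
  year      = {2004},
}

@online{tcg20,
  author  = {{Trusted Computing Group}},
  title   = {The {TPM} Library Specification},
  year    = {2019},
  url     = {https://trustedcomputinggroup.org/resource/tpm-library-specification/},
  urldate = {2020-05-16},
}

@online{tcg-efi16,
  author  = {{Trusted Computing Group}},
  title   = {{TCG} {EFI} Protocol Specification},
  year    = {2016},
  url     = {https://trustedcomputinggroup.org/resource/tcg-efi-protocol-specification/},
  urldate = {2020-08-01},
}

@online{tcg-pc19,
  author  = {{Trusted Computing Group}},
  title   = {{TCG} {PC} Client Platform Firmware Profile Specification Revision 1.04},
  year    = {2019},
  url     = {https://trustedcomputinggroup.org/wp-content/uploads/TCG_PCClientSpecPlat_TPM_2p0_1p04_pub.pdf},
  urldate = {2020-08-01},
}

@online{ima-overview,
  author  = {Safford, David and Kasatkin, Dmitry and Zohar, Mimi},
  title   = {Integrity Measurement Architecture ({IMA}) Wiki Page},
  year    = {2020},
  url     = {https://sourceforge.net/p/linux-ima/wiki/Home/},
  urldate = {2021-03-20},
}

@online{gentoo19,
  author  = {{Gentoo Foundation, Inc.}},
  title   = {Integrity Measurement Architecture/Recipes},
  year    = {2019},
  url     = {https://wiki.gentoo.org/wiki/Integrity_Measurement_Architecture/Recipes},
  urldate = {2021-07-07},
}

@inproceedings{keylime16,
  author    = {Schear, Nabil and Cable, Patrick T. and Moyer, Thomas M. and Richard, Bryan and Rudd, Robert},
  title     = {Bootstrapping and Maintaining Trust in the Cloud},
  booktitle = {Proceedings of the 32nd Annual Conference on Computer Security Applications},
  series    = {ACSAC '16},
  publisher = {Association for Computing Machinery},
  location  = {New York, NY, USA},
  venue     = {Los Angeles, California, USA},
  pages     = {65--77},
  numpages  = {13},
  year      = {2016},
  isbn      = {9781450347716},
  doi       = {10.1145/2991079.2991104},
}

@online{grub19,
  author  = {{Free Software Foundation}},
  title   = {{GRUB} 2.04 User Manual: Measuring Boot Components},
  year    = {2019},
  url     = {https://www.gnu.org/software/grub/manual/grub/html_node/Measured-Boot.html},
  urldate = {2021-03-29},
}

@online{fido18,
  author  = {{FIDO Alliance}},
  title   = {{FIDO} {ECDAA} Algorithm Implementation Draft},
  year    = {2018},
  url     = {https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v2.0-id-20180227.html},
  urldate = {2021-07-07},
}

@online{mitre18,
  author  = {{MITRE Corporation}},
  title   = {Search Results for ``tpm'' in the {CVE} Database},
  year    = {2021},
  url     = {https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=tpm},
  urldate = {2021-05-15},
}

@online{xaptum21,
  author  = {{Xaptum Inc.}},
  title   = {Source Repository for the {ECDAA} {C} Library},
  year    = {2021},
  url     = {https://github.com/xaptum/ecdaa},
  urldate = {2021-07-07},
}

@online{ubuntuwiki20,
  author  = {Frazier, Dann},
  title   = {{Secure Boot}},
  year    = {2020},
  url     = {https://wiki.ubuntu.com/UEFI/SecureBoot},
  urldate = {2021-07-24},
}

@online{microsoft14,
  author  = {{Microsoft}},
  title   = {{Secure Boot} Overview},
  year    = {2014},
  url     = {https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-8.1-and-8/hh824987(v=win.10)},
  urldate = {2021-07-24},
}

@inproceedings{Nemec17,
  author    = {Nemec, Matúš and Sýs, Marek and Švenda, Petr and Klinec, Dušan and Matyáš, Vashek},
  title     = {The Return of {Coppersmith's} Attack: Practical Factorization of Widely Used {RSA} Moduli},
  booktitle = {Proceedings of the 2017 {ACM} {SIGSAC} Conference on Computer and Communications Security},
  series    = {CCS '17},
  publisher = {Association for Computing Machinery},
  location  = {New York, NY, USA},
  venue     = {Dallas, Texas, USA},
  pages     = {1631--1648},
  numpages  = {18},
  year      = {2017},
  isbn      = {9781450349468},
  doi       = {10.1145/3133956.3133969},
  keywords  = {smartcard, rsa, factorization, coppersmith's algorithm},
}

@misc{Mayrhofer2020,
  author       = {Mayrhofer, René and Roland, Michael and Höller, Tobias},
  title        = {Poster: Towards an Architecture for Private Digital Authentication in the Physical World},
  howpublished = {Network and Distributed System Security Symposium ({NDSS} Symposium 2020), Posters},
  year         = {2020},
  month        = feb,
  url          = {https://www.mroland.at/uploads/2020/02/Mayrhofer_2020_NDSS2020posters_Digidow.pdf},
  pubtype      = {poster},
}

@online{XattrMan2021,
  author  = {Kerrisk, Michael},
  title   = {xattr(7) Man Page},
  year    = {2020},
  url     = {https://man7.org/linux/man-pages/man7/xattr.7.html},
  urldate = {2021-09-19},
}

@comment{
  Chieng2021: the stored URL carried newsletter tracking parameters
  (utm_campaign/utm_medium/utm_source); they are dropped, the fragment
  that points at the cited section is kept. The key spelling is kept
  so existing citations resolve.
}
@online{Chieng2021,
  author  = {Chiang, Eric},
  title   = {The Trusted Platform Module Key Hierarchy},
  year    = {2021},
  url     = {https://ericchiang.github.io/post/tpm-keys/#credential-activation},
  urldate = {2021-09-29},
}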