preisacm
/
masterthesis
1
0
Fork 0
Code Issues Releases Wiki Activity
Master Thesis as published at INS in 2022
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
71 Commits
1 Branch
0 Tags
200 MiB
 
 
Tree: f97e018546
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'f97e018546'
${ noResults }
masterthesis/presentation/191119_long/long.tex

216 lines
6.8 KiB
Raw Blame History

\documentclass[naustrian,notes]{beamer}
\input{header}
%Titelinformationen
\title[Digidow Biometric Sensor]{Digital Shadow: Biometric Sensor}
\subtitle{Master's Thesis Seminar}
\author[Michael Preisach]{Michael Preisach}
\date{November 19, 2019}
\institute[INS]{\includegraphics[width=0.1\textwidth]{../../resources/ins}}
\begin{document}
\begin{frame}
\titlepage
\end{frame}
\begin{frame}
\frametitle{Project Overview Digital Shadow}
\begin{figure}
\centering
\includegraphics[width=0.9\textwidth]{../../resources/globalview}
\end{figure}
\end{frame}
\begin{frame}
\frametitle{Chain of Trust}
\begin{itemize}
\item Manufacturer of TPM creates certificate
\item Core Root of Trust: key seed
\item \texttt{tpm2\_CreatePrimary} to generate new EK
\end{itemize}
\begin{figure}
\centering
\includegraphics[width=0.9\textwidth]{../../resources/tpmcert}
\end{figure}
\end{frame}
\begin{frame}
\frametitle{Chain of Trust - Platform Configuration Register (PCR)}
\begin{itemize}
\item Booting with TPM2 (PCR0-7)
\begin{description}
\item[\texttt{PCR0}] EFI Boot Services, EFI Runtime Services, Platform Firmware
\item[\texttt{PCR1}] ACPI, SMBIOS, \ldots
\item[\texttt{PCR2}] Option ROMs, Drivers from disks, \ldots (not relevant)
\item[\texttt{PCR4}] EFI/Legacy os Loader
\item[\texttt{PCR5}] EFI Partition, GPT, OS Partition Table
\end{description}
\item Grub2.04 supports TPM2 (PCR8,9) \footnote{\url{www.gnu.org/software/grub/manual/grub/grub.html\#Measured-Boot}}
\begin{description}
\item[\texttt{PCR8}] Kernel-, Module- and all other commands
\item[\texttt{PCR9}] All files read by GRUB
\end{description}
\item Linux uses PCR10-15
\end{itemize}
\end{frame}
\begin{frame}
\frametitle{Problem: Create Trust between BS and PA}
\begin{itemize}
\item Network discovery
\item \textbf{No Knowledge about BS}
\begin{itemize}
\item \textbf{Hardware}
\item \textbf{Software}
\item \textbf{Am I talking to a valid BS}
\item Correct client to certify identity for given biometric data
\end{itemize}
\item \textbf{BS faces same problem with PA}
\item Establish a secure channel to submit sensitive data
\end{itemize}
\end{frame}
\begin{frame}
\frametitle{Solution: Direct Anonymous Attestation (DAA)}
\begin{center}
\includegraphics[width=0.7\textwidth]{../../resources/daa}
\end{center}
\begin{itemize}
\item based on group signatures
\item Zero Knowledge Proof to verify group membership
\item defines 3 Parties
\begin{itemize}
\item \emph{Issuer}: provides public key for a group (e.g. all Biometric Sensors) and manages group memberships
\item \emph{Member}: holds a group private key to sign messages (e.g. a Biometric Sensor)
\item \emph{Verifier}: knows the group public key and is able to verify correctness of signature (e.g. Personal Agent)
\end{itemize}
\end{itemize}
\end{frame}
\begin{frame}
\frametitle{ECDAA Setup}
\begin{itemize}
\item Choose TPM-supported pairing-firendly Elliptic Curve: FP256BN
\item Generate Issuer keypair
\item $isk = (x,y)$
\item $ipk = (q,\mathbb{G}_1, \mathbb{G}_2, \mathbb{G}_T, g_1, g_2, e, X, Y)$
\item Publish ipk
\end{itemize}
\end{frame}
\begin{frame}
\frametitle{ECDAA Member Join}
\begin{center}
\includegraphics[width=0.9\textwidth]{../../resources/daajoin}
\end{center}
\end{frame}
\begin{frame}
\frametitle{ECDAA Member Sign}
\begin{center}
\includegraphics[width=0.9\textwidth]{../../resources/daajoin}
\end{center}
\end{frame}
\begin{frame}
\frametitle{ECDAA Member Verify}
\begin{center}
\includegraphics[width=0.9\textwidth]{../../resources/daajoin}
\end{center}
\end{frame}
\begin{frame}
\frametitle{DAA Setup: Issuer creates Bilinear Group and Keys}
\[
q,\mathbb{G}_1, \mathbb{G}_2, \mathbb{G}_T, g_1, g_2, e
\]
\begin{itemize}
\item $\mathbb{G}_1, \mathbb{G}_2, \mathbb{G}_T$: groups of prime order $q$
\item $g_1 \in \mathbb{G}_1$, $g_2 \in \mathbb{G}_2$: generator points
\item $e$: bilinear map with properties
\begin{itemize}
\item \emph{Bilinear}: For all $P \in \mathbb{G}_1, Q \in \mathbb{G}_2$, for all $a,b \in \mathbb{Z}$, $ e(P^a,Q^b) = e(P,Q)^{ab}$
\item \emph{Non-degenerate}: There exists some $P \in \mathbb{G}_1, Q \in \mathbb{G}_2$ such that $e(P,Q) \neq 1$, where 1 is the identity of $\mathbb{G}_T$
\item \emph{Efficient}: There exists an efficient algorithm for computing $e$
\end{itemize}
\item Choose secret key $x\leftarrow\mathbb{Z}_q$, $y\leftarrow\mathbb{Z}_q$
\item generate public key $X=g_2^x$, $Y=g_2^y$
\item $ipk = (q,\mathbb{G}_1, \mathbb{G}_2, \mathbb{G}_T, g_1, g_2, e, X, Y)$
\item $isk = (x,y)$
\end{itemize}
\end{frame}
\begin{frame}
\frametitle{Bilinear Maps - Sign Messages}
\begin{itemize}
\item Simplified Example: $\mathbb{G}_1 = \mathbb{G}_2$
\item $pk = (q,\mathbb{G}_1, \mathbb{G}_T, g_1, g_T, e, X, Y)$
\item Given message $m$
\end{itemize}
\begin{columns}[t]
\begin{column}{4cm}
\emph{Signer:}
\begin{itemize}
\item Compute Signature $\sigma(a,b,c)$
\begin{itemize}
\item $a \in \mathbb{G}_1$
\item $b = a^y$
\item $c = a^{x+mxy}$
\end{itemize}
\item Send(m, $\sigma$)
\end{itemize}
\end{column}
\begin{column}{6cm}
\emph{Verifier:}
\begin{itemize}
\item Check, that
\begin{small}
\begin{displaymath}
\underline{e(a,Y)} = e(a,g^y) = e(a^y,g) = \underline{e(b,g)}
\end{displaymath}
\begin{displaymath}
\underline{e(X,a)\cdot e(X,b)^m} = e(g,a)^x \cdot e(g,a)^{xym}
\end{displaymath}
\begin{displaymath}
= e(g,a)^{x+xym} = \underline{e(g,c)}
\end{displaymath}
\end{small}
\end{itemize}
\end{column}
\end{columns}
\end{frame}
\begin{frame}
\frametitle{Bilinear Maps: Zero Knowledge Proofs}
\begin{itemize}
\item Do the same as before, but choose to additional random variables $r$ and $r'$
\end{itemize}
\end{frame}
\begin{frame}
\frametitle{DAA Join: Member joins to Issuer's Group}
\begin{center}
\begin{footnotesize}
\begin{tabular}{|lclcl|}\hline
\multicolumn{1}{|c}{TPM}&&\multicolumn{1}{c}{Host}&&\multicolumn{1}{c|}{Issuer}\\\hline
&&&$\xrightarrow{\text{JOIN}}$&$n\leftarrow\{0,1\}^{ln}$\\
$gsk\leftarrow\mathbb{Z}$&$\xleftarrow{\makebox[5mm]{n}}$&&$\xleftarrow{\makebox[5mm]{n}}$&\\
$Q\leftarrow g_1^{gsk}$&&&&\\
$\pi_1\rightarrow SPK\{(\alpha):g_1^\alpha\}$&$\xrightarrow{Q,\pi_1}$&&$\xrightarrow{Q,\pi_1}$&verify $\pi_1$\\
&&&&$r\leftarrow\mathbb{Z}_q$\\
&&&&$a\leftarrow g_1^r$\\
&&&&$b\leftarrow a^{x+ym}$\\
&&&&$c\leftarrow a^x\cdot Q^{rxy}$\\
&&&&$d\leftarrow Q^{ry}$\\
&&&&$\pi_2\leftarrow SPK\{(t):$\\
&&$e(a,X)\cdot e(c,Y)$&$\xleftarrow{a,b,c,d,\pi_2}$&$ b=g_1^t \wedge d=Q^t\}$\\
verify $\pi_2$&$\xleftarrow{b,d,\pi_2}$&$\stackrel{?}{=}e(b,g_2)$&&\\
store($gsk, b, d$)&$\xrightarrow{JOINED}$&store($a,b,c,d$)&&\\\hline
\end{tabular}
\end{footnotesize}
\end{center}
\end{frame}
\end{document}