Property-based Remote Attestation

Ahmad-Reza Sadeghi and Christian Stüble have recently published a
paper
that builds, in some regards, upon an earlier paper by Klaus Kursawe and Christian Stüble. In this new paper, the authors want to achieve something similar as Vivek Haldar et. al. in their paper on semantic remote attestation: enabling remote attestation without revealing the detailed system configuration to the remote challenger.

However, the solutions Ahmad-Reza Sadeghi and Christian Stüble offer differ from the semantic remote attestation proposal: they propose various "property-based" attestation mechanisms which translate demanded properties into concrete platform configurations and vice versa. To achieve this goal, they propose to use trusted third parties, certificates, group signatures, zero-knowledge proofs and commitments in various hardware- or software-based combinations. (They also update the earlier proposal by Klaus Kursawe and Christian Stüble on page 8.) While this is complex stuff, it still seems that the property-based remote attestation proposal can be implemented more easily and for a wider scale of applications than the semantic remote attestation proposal.

All this shows again that quite a lot of research can and should be done in the area of remote attestation. Of course, remote attestation is not only, and even not primarily, a policy problem. All the proposals which people like Ahmad-Reza Sadeghi, Christian Stüble, Klaus Kursawe, Vivek Haldar, Seth Schoen and others propose lead to complex questions relating to cryptography, implementation issues, and real-world limitations such as interoperability and cost-to-implement. It will be interesting to see if one of these proposals finds its ways out of pure research papers.

Add new comment