PrivateCore
HomePrivate: Resources OverviewServer Attestation

Server Attestation

Server attestation refers to the process of authenticating and attesting to the state of a remote platform and its operating system.  Attestation allows for changes in a remote host to be detected by authorized parties.  This process allows administrators to validate server integrity and identify unauthorized changes.  

Below are various resources for understanding server attestation technology.  

  • Intel® Trusted Execution Technology (Intel® TXT)

    Intel® TXT, a feature of the Intel® Xeon® processor, establishes a root of trust by measuring the system hardware and pre-launch software components are in a known good state.  PrivateCore vCage supports Intel TXT and uses Dynamic Root of Trust Measurement (DRTM) to validate that a host system is in a known good state.

    Tags: TXT, Remote Attestation, Server Integrity

  • Trusted Computing Group Trusted Platform Module (TPM)

    A Trusted Computing Group summary of the TPM specification.  TPM is a computer chip (microcontroller) that can securely store information (passwords, certificates, or encryption keys) used to authenticate a platform.  

    Tags: TPM

  • Systematic Treatment of Remote Attestation

    A university research paper providing a systematic overview of remote attestation and deconstruction into necessary properties.

    Tags: Remote Attestation

  • Principles of Remote Attestation

    A research paper by authors from the US National Security Agency (NSA) and MITRE  Corporation laying out principles to guide the development of remote attestation systems.

    Tags: Remote Attestation,

  • A Hijacker’s Guide to the LPC bus

    A university presentation and paper describing the communication mechanism of Trusted Platform Modules (TPMs) and how such mechanisms can be circumvented by attackers with physical access to the system.

    Tags: TPM

  • Attacking Intel® Trusted Execution Technology

    A research paper by Invisible Things Lab describing a practical attack that can bypass the TXT’s trusted boot process. The paper also discusses practical attacks on System Management Mode (SMM) memory in Intel systems.

    Tags: TXT, TPM

  • Eavesdropping Trusted Platform Module Communication

    A university research paper that discusses listening to Trusted Platform Module (TPM) communications by attackers with physical access to a system.  

    Tags: TPM

  • Analyzing trusted platform communication

    A research paper describing methods of tapping into communication between the Trusted Platform Module (TPM) and other parts of the trusted platform.

    Tags: TPM