Waltzing the Bear, or: A Trusted Virtual Security Module

Ronald Tögl; Florian Reimair; Martin Pirker

doi:10.1007/978-3-642-40012-4_10

Waltzing the Bear, or: A Trusted Virtual Security Module

Ronald Tögl, Florian Reimair, Martin Pirker

Institute of Information Security (7050)

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Abstract

Cryptographic key material needs to be protected. Currently, this is achieved by either pure software based solutions or by more expensive dedicated hardware security modules. We present a practical architecture to project the security provided by the Trusted Platform Module and Intel Trusted eXecution Technology on a virtual security module.

Our approach uses commodity personal computer hardware to offer integrity protection and strong isolation to a security module which implements a compact security API that has been fully verified. Performance results suggest that our approach offers an attractive balance between speed, security and cost.

Original language	English
Title of host publication	Public Key Infrastructures, Services and Applications
Subtitle of host publication	9th European Workshop, EuroPKI 2012, Pisa, Italy, September 13-14, 2012, Revised Selected Papers
Place of Publication	Berlin; Heidelberg
Publisher	Springer Verlag
Pages	145-160
ISBN (Print)	978-3-642-40011-7
DOIs	https://doi.org/10.1007/978-3-642-40012-4_10
Publication status	Published - 2012
Event	European PKI Workshop: Research and Applications - Pisa, Italy Duration: 13 Sept 2012 → 14 Sept 2012

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer Verlag
Volume	7868

Conference

Conference	European PKI Workshop: Research and Applications
Country/Territory	Italy
City	Pisa
Period	13/09/12 → 14/09/12

Fields of Expertise

Information, Communication & Computing

Treatment code (Nähere Zuordnung)

Application

Access to Document

10.1007/978-3-642-40012-4_10

paper.pdfFinal published version, 893 KB

EU - SEPIA - Secure, Embedded Platform with advanced Process Isolation and Anonymity Capabilities
Winter, J. (Co-Investigator (CoI)), Dietrich, K. (Co-Investigator (CoI)), Pirker, M. (Co-Investigator (CoI)), Hein, D. (Co-Investigator (CoI)), Bloem, R. (Co-Investigator (CoI)), Tögl, R. (Co-Investigator (CoI)) & Podesser, S. (Co-Investigator (CoI))
1/06/10 → 31/05/13
Project: Research project
acTVsM! - Advanced Cryptographic Trusted Virtual Security Module
Tögl, R. (Co-Investigator (CoI)), Pirker, M. (Co-Investigator (CoI)), Niederl, A. (Co-Investigator (CoI)) & Bloem, R. (Principal Investigator (PI))
1/04/09 → 31/03/11
Project: Research project
Trusted Computing
Niederl, A. (Co-Investigator (CoI)), Lipp, P. (Co-Investigator (CoI)), Hein, D. (Co-Investigator (CoI)), Vejda, T. (Co-Investigator (CoI)), Podesser, S. (Co-Investigator (CoI)), Tögl, R. (Co-Investigator (CoI)), Dietrich, K. (Co-Investigator (CoI)), Bratko, H. (Co-Investigator (CoI)), Winter, J. (Co-Investigator (CoI)) & Pirker, M. (Co-Investigator (CoI))
1/10/05 → 15/07/19
Project: Research area

Cite this

Tögl, R., Reimair, F., & Pirker, M. (2012). Waltzing the Bear, or: A Trusted Virtual Security Module. In Public Key Infrastructures, Services and Applications: 9th European Workshop, EuroPKI 2012, Pisa, Italy, September 13-14, 2012, Revised Selected Papers (pp. 145-160). (Lecture Notes in Computer Science; Vol. 7868). Springer Verlag. https://doi.org/10.1007/978-3-642-40012-4_10

Waltzing the Bear, or: A Trusted Virtual Security Module. / Tögl, Ronald; Reimair, Florian; Pirker, Martin.
Public Key Infrastructures, Services and Applications: 9th European Workshop, EuroPKI 2012, Pisa, Italy, September 13-14, 2012, Revised Selected Papers. Berlin; Heidelberg: Springer Verlag, 2012. p. 145-160 (Lecture Notes in Computer Science; Vol. 7868).

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Tögl, R, Reimair, F & Pirker, M 2012, Waltzing the Bear, or: A Trusted Virtual Security Module. in Public Key Infrastructures, Services and Applications: 9th European Workshop, EuroPKI 2012, Pisa, Italy, September 13-14, 2012, Revised Selected Papers. Lecture Notes in Computer Science, vol. 7868, Springer Verlag, Berlin; Heidelberg, pp. 145-160, European PKI Workshop: Research and Applications, Pisa, Italy, 13/09/12. https://doi.org/10.1007/978-3-642-40012-4_10

@inproceedings{ac2b13194ae3407eb1121d6604439751,

title = "Waltzing the Bear, or: A Trusted Virtual Security Module",

abstract = "Cryptographic key material needs to be protected. Currently, this is achieved by either pure software based solutions or by more expensive dedicated hardware security modules. We present a practical architecture to project the security provided by the Trusted Platform Module and Intel Trusted eXecution Technology on a virtual security module.Our approach uses commodity personal computer hardware to offer integrity protection and strong isolation to a security module which implements a compact security API that has been fully verified. Performance results suggest that our approach offers an attractive balance between speed, security and cost.",

author = "Ronald T{\"o}gl and Florian Reimair and Martin Pirker",

year = "2012",

doi = "10.1007/978-3-642-40012-4_10",

language = "English",

isbn = "978-3-642-40011-7",

series = "Lecture Notes in Computer Science",

publisher = "Springer Verlag",

pages = "145--160",

booktitle = "Public Key Infrastructures, Services and Applications",

address = "Germany",

note = "European PKI Workshop: Research and Applications ; Conference date: 13-09-2012 Through 14-09-2012",

}

TY - GEN

T1 - Waltzing the Bear, or: A Trusted Virtual Security Module

AU - Tögl, Ronald

AU - Reimair, Florian

AU - Pirker, Martin

PY - 2012

Y1 - 2012

N2 - Cryptographic key material needs to be protected. Currently, this is achieved by either pure software based solutions or by more expensive dedicated hardware security modules. We present a practical architecture to project the security provided by the Trusted Platform Module and Intel Trusted eXecution Technology on a virtual security module.Our approach uses commodity personal computer hardware to offer integrity protection and strong isolation to a security module which implements a compact security API that has been fully verified. Performance results suggest that our approach offers an attractive balance between speed, security and cost.

AB - Cryptographic key material needs to be protected. Currently, this is achieved by either pure software based solutions or by more expensive dedicated hardware security modules. We present a practical architecture to project the security provided by the Trusted Platform Module and Intel Trusted eXecution Technology on a virtual security module.Our approach uses commodity personal computer hardware to offer integrity protection and strong isolation to a security module which implements a compact security API that has been fully verified. Performance results suggest that our approach offers an attractive balance between speed, security and cost.

U2 - 10.1007/978-3-642-40012-4_10

DO - 10.1007/978-3-642-40012-4_10

M3 - Conference paper

SN - 978-3-642-40011-7

T3 - Lecture Notes in Computer Science

SP - 145

EP - 160

BT - Public Key Infrastructures, Services and Applications

PB - Springer Verlag

CY - Berlin; Heidelberg

T2 - European PKI Workshop: Research and Applications

Y2 - 13 September 2012 through 14 September 2012

ER -

Waltzing the Bear, or: A Trusted Virtual Security Module

Abstract

Publication series

Conference

Fields of Expertise

Treatment code (Nähere Zuordnung)

Access to Document

Fingerprint

Projects

EU - SEPIA - Secure, Embedded Platform with advanced Process Isolation and Anonymity Capabilities

acTVsM! - Advanced Cryptographic Trusted Virtual Security Module

Trusted Computing

Cite this