Extending TLS with mutual attestation for platform integrity assurance
Normally, secure communication between client-server applications is established using secure channel technologies such as Transport Layer Security (TLS). TLS is cryptographic protocol which ensures secure transmission of data and authenticity of communication at each endpoint platform. However, the...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Engineering and Technology Publishing
2014
|
| Online Access: | http://psasir.upm.edu.my/id/eprint/37590/1/Extending%20TLS%20with%20mutual%20attestation%20for%20platform%20integrity%20assurance.pdf |
| _version_ | 1796973174400745472 |
|---|---|
| author | Abdul Aziz, Nor Azah Udzir, Nur Izura Mahmod, Ramlan |
| author_facet | Abdul Aziz, Nor Azah Udzir, Nur Izura Mahmod, Ramlan |
| author_sort | Abdul Aziz, Nor Azah |
| collection | UPM |
| description | Normally, secure communication between client-server applications is established using secure channel technologies such as Transport Layer Security (TLS). TLS is cryptographic protocol which ensures secure transmission of data and authenticity of communication at each endpoint platform. However, the protocol does not provide any trustworthiness assurance of the involved endpoint. This paper incorporates remote attestation in the TLS key exchange protocol to solve this issue.The proposed embedded attestation extension in TLS protocol will provide assurance of sender's platforms integrity to receiver, and vice versa.The CA responsibility in TLS is replaced using own Trusted Certificate Authority (TCA) in our protocol. The credibility of the proposed protocol is studied to secure against replay attack and collusion attack. The proof is performed using AVISPA with High Level Protocol Specification (HLPSL) through Dolev-Yao intruder model implementation of the proposed protocol. |
| first_indexed | 2024-03-06T08:38:48Z |
| format | Article |
| id | upm.eprints-37590 |
| institution | Universiti Putra Malaysia |
| language | English |
| last_indexed | 2024-03-06T08:38:48Z |
| publishDate | 2014 |
| publisher | Engineering and Technology Publishing |
| record_format | dspace |
| spelling | upm.eprints-375902015-12-18T01:51:47Z http://psasir.upm.edu.my/id/eprint/37590/ Extending TLS with mutual attestation for platform integrity assurance Abdul Aziz, Nor Azah Udzir, Nur Izura Mahmod, Ramlan Normally, secure communication between client-server applications is established using secure channel technologies such as Transport Layer Security (TLS). TLS is cryptographic protocol which ensures secure transmission of data and authenticity of communication at each endpoint platform. However, the protocol does not provide any trustworthiness assurance of the involved endpoint. This paper incorporates remote attestation in the TLS key exchange protocol to solve this issue.The proposed embedded attestation extension in TLS protocol will provide assurance of sender's platforms integrity to receiver, and vice versa.The CA responsibility in TLS is replaced using own Trusted Certificate Authority (TCA) in our protocol. The credibility of the proposed protocol is studied to secure against replay attack and collusion attack. The proof is performed using AVISPA with High Level Protocol Specification (HLPSL) through Dolev-Yao intruder model implementation of the proposed protocol. Engineering and Technology Publishing 2014-01 Article PeerReviewed application/pdf en http://psasir.upm.edu.my/id/eprint/37590/1/Extending%20TLS%20with%20mutual%20attestation%20for%20platform%20integrity%20assurance.pdf Abdul Aziz, Nor Azah and Udzir, Nur Izura and Mahmod, Ramlan (2014) Extending TLS with mutual attestation for platform integrity assurance. Journal of Communications, 9 (1). pp. 63-72. ISSN 2374-4367; ESSN: 1796-2021 http://www.jocm.us/index.php?m=content&c=index&a=show&catid=128&id=628 10.12720/jcm.9.1.63-72 |
| spellingShingle | Abdul Aziz, Nor Azah Udzir, Nur Izura Mahmod, Ramlan Extending TLS with mutual attestation for platform integrity assurance |
| title | Extending TLS with mutual attestation for platform integrity assurance |
| title_full | Extending TLS with mutual attestation for platform integrity assurance |
| title_fullStr | Extending TLS with mutual attestation for platform integrity assurance |
| title_full_unstemmed | Extending TLS with mutual attestation for platform integrity assurance |
| title_short | Extending TLS with mutual attestation for platform integrity assurance |
| title_sort | extending tls with mutual attestation for platform integrity assurance |
| url | http://psasir.upm.edu.my/id/eprint/37590/1/Extending%20TLS%20with%20mutual%20attestation%20for%20platform%20integrity%20assurance.pdf |
| work_keys_str_mv | AT abdulaziznorazah extendingtlswithmutualattestationforplatformintegrityassurance AT udzirnurizura extendingtlswithmutualattestationforplatformintegrityassurance AT mahmodramlan extendingtlswithmutualattestationforplatformintegrityassurance |