Attestation using a combined measurement and its constituent measurements
First Claim
1. A method performed by a challenger computer system (“challenger”) to verify an assertion of a prover computer system (“prover”), the method comprising:
receiving from the prover an assertion asserting a combined measurement of constituent measurements of resources and a constituent measurement for each of the resources;
checking whether a list of known-good combined measurements includes the asserted combined measurement;
in response to the list including the asserted combined measurement, indicating that the assertion is verified; and
in response to the list not including the asserted combined measurement, for each of the asserted constituent measurements of resources, determining whether that constituent measurement matches a known-good constituent measurement for the corresponding resource;
generating a combined measurement from the asserted constituent measurements;
determining whether the asserted combined measurement matches the generated combined measurement; and
in response to each constituent measurement matching a known-good measurement and the asserted combined measurement matching the generated combined measurement, indicating that the assertion is verified; and
adding the asserted combined measurement to the list to avoid the overhead of verifying the asserted constituent measurements and generating a combined measurement when the same asserted combined measurement is subsequently received.
Abstract
An attestation system for asserting and verifying assertions of a known-good state of a computer system is provided. The attestation system allows a challenger and a prover to conduct an attestation so that the challenger can verify an assertion of the prover. To conduct the attestation, the prover sends, as an assertion of its state, a combined measurement of resources along with a constituent measurement of each resource to the challenger. The challenger verifies the assertion by verifying that the asserted constituent measurements represent known-good measurements and verifying that the asserted combined measurement can be generated from the asserted constituent measurements. To verify the asserted constituent measurements, the challenger determines whether each asserted constituent measurement for a resource is a known-good measurement for that resource. To verify the asserted combined measurement, the challenger generates a combined measurement from the asserted constituent measurements received from the prover.
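The challenger procedure described in the abstract and in claim 1, as an added Python example that is not part of the patent: constituent measurements are SHA-256 hashes of each resource, the combined measurement is assumed to be a PCR-style extend chain over the ordered constituents (the patent does not fix a construction), the sample resources are constructed, and authentication of the assertion itself (for example a signed TPM quote) is assumed to happen outside this code.

```python
import hashlib

def measure(data: bytes) -> str:
    """Constituent measurement of one resource: SHA-256 of its contents (assumed)."""
    return hashlib.sha256(data).hexdigest()

def combine(constituents: list[str]) -> str:
    """Combined measurement, assumed PCR-style: acc = H(acc || c_i) over the ordered
    constituent hashes, starting from 32 zero bytes. Order matters, as in a TPM PCR."""
    acc = b"\x00" * 32
    for c in constituents:
        acc = hashlib.sha256(acc + bytes.fromhex(c)).digest()
    return acc.hex()

def prover_assertion(resources: list[tuple[str, bytes]]) -> dict:
    """Prover side: one constituent measurement per resource plus the combined one."""
    constituents = [(name, measure(data)) for name, data in resources]
    return {"combined": combine([m for _, m in constituents]), "constituents": constituents}

class Challenger:
    def __init__(self, known_good: dict[str, set[str]]):
        self.known_good = known_good                 # resource -> known-good constituent hashes
        self.known_good_combined: set[str] = set()   # claim 1's list of known-good combined values
        self.paths = {"fast": 0, "slow": 0}          # how often each verification path ran

    def verify(self, assertion: dict) -> tuple[bool, str]:
        combined, constituents = assertion["combined"], assertion["constituents"]
        if combined in self.known_good_combined:     # fast path: seen and verified before
            self.paths["fast"] += 1
            return True, "combined measurement on known-good list"
        self.paths["slow"] += 1                      # slow path: check each constituent
        for resource, m in constituents:
            if m not in self.known_good.get(resource, set()):
                return False, f"unknown measurement for {resource}"
        if combine([m for _, m in constituents]) != combined:
            return False, "combined measurement not reproducible from constituents"
        self.known_good_combined.add(combined)       # cache: next identical assertion is O(1)
        return True, "verified from constituents; combined measurement cached"

# Constructed sample resources; a real prover would measure its boot chain.
GOOD = [("bootloader", b"bootloader v1"), ("kernel", b"kernel 5.0"), ("initrd", b"initrd 5.0")]
KNOWN_GOOD = {name: {measure(data)} for name, data in GOOD}

def run_demo() -> dict:
    ch = Challenger(KNOWN_GOOD)
    first = ch.verify(prover_assertion(GOOD))            # slow path, result gets cached
    second = ch.verify(prover_assertion(GOOD))           # fast path via the list
    tampered = GOOD[:1] + [("kernel", b"kernel 5.0 (patched)")] + GOOD[2:]
    bad_kernel = ch.verify(prover_assertion(tampered))   # rejected: unknown constituent
    forged = prover_assertion(GOOD)
    forged["combined"] = "00" * 32                       # good constituents, bogus combined
    bad_combined = ch.verify(forged)                     # rejected: not reproducible
    return {"first": first, "second": second, "bad_kernel": bad_kernel,
            "bad_combined": bad_combined, "paths": dict(ch.paths)}
```

The list of known-good combined measurements is only populated after a full constituent check, so the fast path never accepts a combined value the challenger has not previously derived itself.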
20 Claims
1. Claim 1 is reproduced above under First Claim. Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9.
10. A prover computer system (“prover”) comprising: a trusted platform component for storing a combined measurement, in a list of known-good combined measurements, that is generated from constituent measurements for resources of the prover that can be trusted as representing the resources; a storage medium storing computer-executable instructions that send to a challenger computer system (“challenger”) the combined measurement and the constituent measurements as assertions of the prover so that the challenger can check whether the asserted combined measurement is a known-good combined measurement by checking whether the list includes the asserted combined measurement, and in response to the list not including the asserted combined measurement, for each of the asserted constituent measurements of resources, determining whether that constituent measurement matches a known-good constituent measurement for the corresponding resource;
generating a combined measurement from the asserted constituent measurements;
determining whether the asserted combined measurement matches the generated combined measurement; and
in response to each constituent measurement matching a known-good measurement and the asserted combined measurement matching the generated combined measurement, indicating that the assertion is verified; and
adding the asserted combined measurement to the list to avoid the overhead of verifying the asserted constituent measurements and generating a combined measurement when the same asserted combined measurement is subsequently received; and a processor for executing the computer-executable instructions stored in the storage medium.
Dependent claims: 11, 12, 13, 14, 15, 16.
17. A computer-readable storage medium storing computer-executable instructions for controlling a challenger computer system (“challenger”) to verify an assertion of a prover computer system (“prover”), the computer-executable instructions comprising instructions that: receive the assertion of the prover asserting a combined measurement of constituent measurements of resources of the prover generated by a trusted platform module of the prover and, for at least some of the resources, asserting constituent measurements for the resources; determine whether a list of known-good combined measurements includes the asserted combined measurement; in response to the list including the asserted combined measurement, indicate that the assertion is verified; and in response to the list not including the asserted combined measurement, for each of the asserted constituent measurements of the resources, determine whether the constituent measurement matches a known-good constituent measurement for the corresponding resource;
generate a combined measurement from the asserted constituent measurements;
determine whether the asserted combined measurement matches the generated combined measurement; and
in response to each of the asserted constituent measurements matching a known-good constituent measurement and the asserted combined measurement matching a combined measurement generated from the asserted constituent measurements, indicate that the assertion is verified and that the asserted combined measurement is a known-good combined measurement, and add the asserted combined measurement to the list to avoid the overhead of verifying the asserted constituent measurements and generating a combined measurement when the same asserted combined measurement is subsequently received.
Dependent claims: 18, 19, 20.
Specification