Home Results Demonstrators
NaDa Management Demo PDF Print E-mail

The Trusted Bit Torrent protocol, developed within the scope of NaDa, is used for the distribution of content and applications for the Set-Top-Boxes in the NaDa environment.  In contrast to the typical application scenarios of peer to peer protocols like Bit Torrent, the distribution of data in the NaDa context has to be controlled by the central NaDa management. To realize a "realistic" integration of the Trusted Bit Torrent implementation and for measurement purposes, the NaDa management was simulated by using OMF (cOntrol and Management Framework). The relevant part of the management protocol was implemented as an OMF experiment and an OMF application with an interface to the Trusted Bit Torrent application. For the test environment one management server running the OMF experiment controller and ten NaDa clients with an Atom 1.6 GHZ CPU equipped with an Infineon TPM chip were used.  As the clients normally do not run in the environment of the ISP, the state of the clients has to be checked before applications can be  ntegrated into the NaDa network. The system state of the NaDa clients is verified by remote attestation using the TPM chip of the clients. It is assumed that the Attestation Identity Keys (AIKs) of the NaDa clients are produced in a secure environment and the public AIKs are stored on the NaDa management server. The management server also stores fingerprints (SHA-1) of software which is installed on the NaDa clients (as part of an OS kernel extension) or software which has to be installed on the client like application  lices.  The software which is executed on a client is measured, the fingerprints are stored in a Stored Measurement Log (SML), and the fingerprints are inserted into a certain TPM PCR register. The current SML of the client and the signed value (using the AIK of the client) can be used to verify the valid system state by NaDa management.  To secure installation of costumer applications the NaDa OMF application of the client performs an extension of the SML using the fingerprint of the content after successful download by the Trusted Bit Torrent implementation. Thus beside executed code on the NaDa clients virtual images of customer applications become part of the system state, which has to be proved.

The results and measurements of the experiments showed that TPM technology can be successfully applied in a managed peer to peer environment like the NaDa context. The experiment description is available here.

Trusted Storage PDF Print E-mail

Notwithstanding the adoption of strong cryptographic mechanisms, the anticipated degree of security in the protection and management of privacy sensitive data can only be achieved, if secret keys can be shielded adequately. In practice, most implementations are based on software tokens that shall guard the keys against eavesdropping. This fact alleviates the hardness of circumvention of used cryptographic protocols and with this the disclosure of secret keys. In this demonstrator  a key management architecture which – based on the capabilities of Trusted Computing Technology – is shown that will provide a higher level of security. The source code can be found here and also the thesis text is available. For the purpose of demonstration the frontend is integrated into a FireFox plugin.

Incentives PDF Print E-mail

From our perspective of protecting the availability and robustness of the overall network the primary goal is to assure that as few as possible people turn of or tamper their nodes at home. Incentives as far as we understand them are meant to support this aim.
Many possible incentive schemes have in common that a reliable metering of the device operation is required to provide a base for the incentive distribution. Incentives in this case are values given to the end users running the nodes in their vicinity. Basically there are two ways to establish the metering process. First, the incentive calculation can rely on a centralised reporting which queries periodically the availability of the nodes and stores these results in the central infrastructure. Such a scheme requires a certain amount of bandwidth for the metering process.

In contrast to the centralised approach a distributed scheme based on device side metering can save bandwidth and computational recources on the infratsructure side. This means sampling and storing the data on the individual node and collecting the measurements only from time to time. For such a scheme a central authority providing for time stamps is required which is contacted by the node on power up. After this initial connect no further communication is required.

The attached some sample source code shows this scheme. The archive includes also a demo log file. On the side of the infratsructure (ISP) this log can be evaluated (the signatures verified) and then the incentive granted.

Trusted Ticket Systems Demo PDF Print E-mail

Most existing identity management solutions include the use of software based assertions, so called tickets, to manage identities. The goal of this thesis is to develop a concept that allows an individual, either a user or a device, to access a service from a service provider with a chosen identity. The concept shall allow for pseudonymous access to the service provider. The individual therefore retrieves a ticket from an identity provider, making an assertion of the identity. The identity provider verifies the integrity of the system, and based on this assessment issues the ticket. This ticket can then be presented to a service provider to access the service. The service provider establishes a direct trust relationship with the identity provider, relying on the assertions that the identity provider makes. Thus, a chain of trust is generated, allowing the service provider to indirectly lay trust in the individual. It is essential for the tickets to be bound to the TPM, and thus the hardware of the system. This increases the security of conventional systems by inhibiting attacks involving copies of issued tickets.

This demonstration (image and HOWTO) shows how to apply the developed concepts in a small system with one client. More details on the concepts can be found here. The Source can be found here.

Trusted Watermarks in peer to peer scenarios PDF Print E-mail

The intention of this demonstrator (image and README) is to show a concept for a so called Trusted Set-Top-Box (TSTB) that will make use of peer-to-peer file sharing mechanisms to provide the customer with realtime and on-demand video streaming. To protect copyrighted video material from theft in a customer-friendly manner, novel watermarking-technology will be used. This allows for unproblematic playback of acquired media on distinct playback devices. The TSTB besides is referenced to be trusted since TPM-Technology will serve as security anchor, providing methods for attesting the devices’ integrity. Through this unauthorized modification of the device will be detected to take actions upon. More details on the concepts are given here. The source code can be found here.