Requirements for a hybrid TPM based on optimized ML-DSA post-quantum signature

  • Felipe José Aguiar Rampazzo (Unicamp)
  • Rodrigo de Meneses (Unicamp)
  • Caio Teixeira (Unicamp)
  • Marco A. Amaral Henriques (Unicamp)

Abstract


A Trusted Platform Module (TPM) is used to ensure trust between connected devices by storing device integrity measurements. Both TPMs and traditional security systems rely on asymmetric cryptography, which can be vulnerable to quantum computers. This work aims to identify the requirements for a TPM secured by both traditional and post-quantum algorithms, considering the transition through a hybrid model that remains secure even if the post-quantum algorithm is broken. It then analyzes the impact of this hybrid model on a TPM, using a hybrid TPM emulated in software.

Published
16/09/2024
RAMPAZZO, Felipe José Aguiar; MENESES, Rodrigo de; TEIXEIRA, Caio; HENRIQUES, Marco A. Amaral. Requirements for a hybrid TPM based on optimized ML-DSA post-quantum signature. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 24., 2024, São José dos Campos/SP. Proceedings [...]. Porto Alegre: Sociedade Brasileira de Computação, 2024. p. 857-863. DOI: https://doi.org/10.5753/sbseg.2024.241843.