7th European Symposium on Research in Computer Security (ESORICS 2002)
Outbound Authentication for Programmable Secure Coprocessors
Sean W. Smith
Abstract : A programmable secure coprocessor platform can help solve many security problems in distributed computing. However, these solutions usually require that coprocessor applications be able to participate as full-fledged parties in distributed cryptographic protocols. Thus, to fully enable these solutions, a generic platform must not only provide programmability, maintenance, and configuration in the hostile field--it must also provide outbound authentication for the entities that result. A particular application on a particular untampered device must be able to prove who it is to a party on the other side of the Internet. This paper offers our experiences in solving this problem for a high-end secure coprocessor product. This work required synthesis of a number of techniques, so that parties with different and dynamic views of trust can draw consistent and complete conclusions about remote coprocessor applications. These issues may be relevant to the industry's growing interest in rights management for general desktop machines.
Proceedings table of contents