Marten van Dijk

      Consultant, Inventor, Researcher, Applied Mathematician, & Computer Scientist


   The Trusted Platform Module:

    The Trusted Platform Module (TPM) currently supports secure (internal) execution of only a small set 
    of specific-purpose commands. In order to base the security of applications solely on the TPM (and 
    not on a trusted boot into some trusted OS), we developed new techniques for existing TPMs [1].

    As a first application, we have used existing TPMs to address the problem of using an untrusted server
    to provide trusted storage for a large number of clients, where each client may own and use several 
    different devices that may be offline at different times and may not be able to communicate with each 
    other except through the untrusted server (over an untrusted network). We implemented tamper-evident 
    storage where clients are guaranteed to immediately detect illegitimate modifications to their data 
    (including replay and forking attacks) at the time of critical operations. We implemented a virtual 
    counter manager maintaining a large number of virtual monotonic counters using untrusted storage and 
    a TPM. We tested an actual implementation using PlanetLab and a PC with a TPM 1.2 chip [2].
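    The virtual counter scheme described above, as an added illustration that is not code from the cited papers: a simulated TPM holds the single hardware monotonic counter and attests each increment, the untrusted server keeps all virtual counters in a log in untrusted storage, and a client audits the log it is shown before accepting an increment. The simulated TPM uses a shared HMAC key in place of a TPM signing key, and the audit rule (a contiguous, fully attested log bound to the client's fresh nonce and containing no increment of the client's counter it did not request) is a simplification assumed for this example.

```python
import hmac, hashlib, os

class SimulatedTPM:  # stand-in for the TPM's one hardware monotonic counter; HMAC key assumed in place of an AIK
    def __init__(self):
        self._key, self._count = os.urandom(32), 0
    def _tag(self, c):  # binds counter id, value, hardware count and the requester's nonce together
        msg = f"{c['vc_id']}|{c['vc_value']}|{c['hw_count']}|".encode() + c["nonce"]
        return hmac.new(self._key, msg, hashlib.sha256).digest()
    def increment_and_attest(self, vc_id, vc_value, nonce):
        self._count += 1  # the single irreversible counter every virtual counter rides on
        c = {"vc_id": vc_id, "vc_value": vc_value, "hw_count": self._count, "nonce": nonce}
        return {**c, "tag": self._tag(c)}
    def verify(self, c):
        return hmac.compare_digest(self._tag(c), c["tag"])
class VirtualCounterManager:
    """Runs on the untrusted server; keeps every attestation in an append-only log in untrusted storage."""
    def __init__(self, tpm):
        self.tpm, self.log = tpm, []
    def increment(self, vc_id, nonce, since_hw):
        mine = [c["vc_value"] for c in self.log if c["vc_id"] == vc_id]
        self.log.append(self.tpm.increment_and_attest(vc_id, (mine[-1] if mine else 0) + 1, nonce))
        return [c for c in self.log if c["hw_count"] > since_hw]  # everything the client has not yet seen
class Client:
    """Owns one virtual counter; trusts the TPM, not the server, and audits the log it is shown."""
    def __init__(self, tpm, vc_id):
        self.tpm, self.vc_id, self.last_hw, self.value = tpm, vc_id, 0, 0
    def check(self, nonce, log):
        for i, c in enumerate(log):
            if not self.tpm.verify(c) or c["hw_count"] != self.last_hw + 1 + i:
                return False  # forged, truncated or replayed log
            if c["vc_id"] == self.vc_id and i < len(log) - 1:
                return False  # our counter moved without us: fork or rollback detected
        new = log[-1] if log else None
        if not new or new["vc_id"] != self.vc_id or new["nonce"] != nonce or new["vc_value"] != self.value + 1:
            return False  # wrong counter, stale nonce, or a value that does not advance by exactly one
        self.last_hw, self.value = new["hw_count"], new["vc_value"]
        return True
def demo():
    """Two honest increments, then a replay, a rollback and a hidden increment by the server (constructed run)."""
    tpm = SimulatedTPM(); srv = VirtualCounterManager(tpm); alice = Client(tpm, "alice")
    n1, nb, n2, n3, n4 = (os.urandom(8) for _ in range(5))
    ok1 = alice.check(n1, srv.increment("alice", n1, alice.last_hw))      # hw 1: alice value 1
    srv.increment("bob", nb, 0)                                            # hw 2: another client's counter
    honest = srv.increment("alice", n2, alice.last_hw)                     # log: bob hw 2, alice hw 3 (value 2)
    ok2, replayed = alice.check(n2, honest), alice.check(n3, honest)       # replay: stale nonce and hw counts
    srv.log.append(tpm.increment_and_attest("alice", 2, n3))               # rollback: value 2 re-attested at hw 4
    rollback = alice.check(n3, srv.log[-1:])                               # hw 4 is fresh, but value 2 is not 3
    srv.log.append(tpm.increment_and_attest("alice", 3, os.urandom(8)))    # hw 5: increment alice never requested
    forked = alice.check(n4, srv.increment("alice", n4, alice.last_hw))    # log hw 4..6 exposes the hidden moves
    return ok1, ok2, replayed, rollback, forked, alice.value
```

    In a real deployment the client verifies the TPM's signature with its public key instead of a shared HMAC key, and the certificates in [1] and [2] carry the TPM counter value in exactly this role.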

    As a second application, we have used existing TPMs to implement offline count-limited certificates
    [3]. Offline count-limited certificates are digital certificates that: (1) specify usage conditions 
    that depend on irreversible counters, and (2) are used in a protocol that guarantees that any attempt 
    to use them in violation of these usage conditions will be detected even if the user of the 
    certificate and the verifying party have no contact at all with the outside world at the time of the 
    transaction.

    [1] L.F.G. Sarmenta, M. van Dijk, C.W. O'Donnell, J. Rhodes, and S. Devadas, Virtual monotonic counters 
    and count-limited objects using a TPM without a trusted OS, The First ACM Workshop on Scalable Trusted 
    Computing (ACM STC'06), 2006.

    [2] M. van Dijk, J. Rhodes, L.F.G. Sarmenta, and S. Devadas, Offline untrusted storage with immediate 
    detection of forking and replay attacks, The 2nd ACM Workshop on Scalable Trusted Computing 
    (ACM STC'07), 2007.

    [3] L.F.G. Sarmenta, M. van Dijk, J. Rhodes, and S. Devadas, Offline count-limited certificates, 
    Proceedings of the 2008 ACM Symposium on Applied Computing (SAC'08), 2008.
    
© 2009 Marten van Dijk. All rights reserved.