-
Notifications
You must be signed in to change notification settings - Fork 0
AttestedTLS
Muhammad Usama Sardar edited this page May 18, 2025
·
11 revisions
- Formally specify and verify the protocols combining TLS 1.3 and remote attestation for Confidential Computing use cases
- IRTF UFMRG
- IETF RATS
- IETF TLS
- IETF WIMSE
- CCC Attestation SIG
- Data Security Work Stream (DSWS) at The Global Alliance for Genomics and Health
- GENXT
- Industrial partners at Arm, Linaro, Huawei, Siemens, Intuit, Intel, ...
- Team Lead: Muhammad Usama Sardar
The main challenge is the extraction of the attested TLS protocol to be formalized, as all the vendors (including Intel, Arm, AMD and IBM) describe the protocols informally. The main issue is that the protocols are either unspecified (leading to security through obscurity), or if specified, they fall in at least one of the following:
Confidential Computing (CC) workload may refer to, for example, a container in Virtual Machine (VM)-based Trusted Execution Environments (TEEs).
- What is the "long-term identity" of the CC workload? How is "long-term identity" assigned to the CC workload? Which entity supplies this "long-term identity"? How is that Identity Supplier trusted?
- How is CA-certified Long-Term Key (LTK) injected in the Confidential Computing workload in the first place?
- How to augment authentication with attestation rather than replacing authentication with attestation?
- What does "freshness" mean for highly dynamic and long-lived workloads?
- How to verify the Verifier?
- Symbolic security analysis
- Architecturally-defined attestation
- TLS 1.3
- Confidential Computing
- Papers
- Code
- Internet-Drafts
- Description of discovered impersonation attacks
- Recent tutorial at IETF 122
- Some recent slides, videos etc.