A New vTPM Architecture with Strong Isolation for the Cloud
摘要
Cloud infrastructures often lack robust mechanisms for verifying the integrity of Virtual Machines (VM), especially when the hypervisor or host Operating System (OS) are not fully trusted. Virtual Trusted Platform Modules (vTPMs) are widely used to support integrity measurement, but their reliance on the underlying infrastructure weakens their security guarantees. In this paper, we propose a secure vTPM architecture operating in an Intel SGX enclave. Our design offers strong isolation guarantees and enables integrity measurements to be performed independently of the host environment. We demonstrate how essential TPM functionalities, such as sealing, signing, and PCR operations, can be efficiently implemented and protected within the enclave. The proposed architecture also includes countermeasures against common attacks targeting vTPM, including NVRAM tampering, rollback attacks, cuckoo attacks, and unauthorized vTPM instantiation. Experimental results show that our solution offers corresponding solid security guarantees with minimal performance overhead. By decoupling trust from the host platform and anchoring it in a Trusted Execution Environment (TEE), this approach improves the reliability and security of vTPMs.