Cloud infrastructures often lack robust mechanisms for verifying the integrity of Virtual Machines (VM), especially when the hypervisor or host Operating System (OS) are not fully trusted. Virtual Trusted Platform Modules (vTPMs) are widely used to support integrity measurement, but their reliance on the underlying infrastructure weakens their security guarantees. In this paper, we propose a secure vTPM architecture operating in an Intel SGX enclave. Our design offers strong isolation guarantees and enables integrity measurements to be performed independently of the host environment. We demonstrate how essential TPM functionalities, such as sealing, signing, and PCR operations, can be efficiently implemented and protected within the enclave. The proposed architecture also includes countermeasures against common attacks targeting vTPM, including NVRAM tampering, rollback attacks, cuckoo attacks, and unauthorized vTPM instantiation. Experimental results show that our solution offers corresponding solid security guarantees with minimal performance overhead. By decoupling trust from the host platform and anchoring it in a Trusted Execution Environment (TEE), this approach improves the reliability and security of vTPMs.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A New vTPM Architecture with Strong Isolation for the Cloud

  • Samia Boutalbi,
  • Remous-Aris Koutsiamanis,
  • Maissa Dammak,
  • Mario Südholt

摘要

Cloud infrastructures often lack robust mechanisms for verifying the integrity of Virtual Machines (VM), especially when the hypervisor or host Operating System (OS) are not fully trusted. Virtual Trusted Platform Modules (vTPMs) are widely used to support integrity measurement, but their reliance on the underlying infrastructure weakens their security guarantees. In this paper, we propose a secure vTPM architecture operating in an Intel SGX enclave. Our design offers strong isolation guarantees and enables integrity measurements to be performed independently of the host environment. We demonstrate how essential TPM functionalities, such as sealing, signing, and PCR operations, can be efficiently implemented and protected within the enclave. The proposed architecture also includes countermeasures against common attacks targeting vTPM, including NVRAM tampering, rollback attacks, cuckoo attacks, and unauthorized vTPM instantiation. Experimental results show that our solution offers corresponding solid security guarantees with minimal performance overhead. By decoupling trust from the host platform and anchoring it in a Trusted Execution Environment (TEE), this approach improves the reliability and security of vTPMs.