US 12,287,881 B2
Trust chain preservation for remote attestation
Steve W. Schroder, Lake Oswego, OR (US); Ramanuja Chaitanya Chakravarthula, Chennai (IN); Kristopher F. Orjada, Ashburn, VA (US); Bagavath Singh Swamynatha Pillai, Bangalore (IN); Michael B. Rash, Mt. Airy, MD (US); and Albert Tao, Carmel, CA (US)
Assigned to Extreme Networks, Inc., San Jose, CA (US)
Filed by Extreme Networks, Inc., San Jose, CA (US)
Filed on Apr. 11, 2022, as Appl. No. 17/717,581.
Prior Publication US 2023/0325509 A1, Oct. 12, 2023
Int. Cl. G06F 21/57 (2013.01); G06F 21/60 (2013.01); G06F 21/64 (2013.01)
CPC G06F 21/575 (2013.01) [G06F 21/577 (2013.01); G06F 21/602 (2013.01); G06F 21/64 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A computer implemented method for verifying the integrity of a boot process without using a boot aggregate value computed by a trusted platform module (TPM), comprising:
cryptographically validating, by a hardware root of trust (HWRoT), a first code module associated with a digital signature;
determining, by the HWRoT, that the first code module was cryptographically validated upon a first boot;
based on a determination that the first code module was cryptographically validated upon the first boot, cryptographically measuring the first code module, by the HWRoT, thereby generating a first hash measurement;
storing the first hash measurement in a first platform configuration register (PCR) of the TPM;
cryptographically measuring a second code module, by the first code module, thereby generating a second hash measurement and storing the second hash measurement in a second PCR of the TPM;
configuring a remote attestation agent to instruct a remote attestation server to attest values stored in the first PCR and the second PCR, wherein the remote attestation server is configured to attest the values stored in the first PCR and the second PCR by identifying a match between the values stored in the first PCR and the second PCR and allowed cryptographic measurements in an allowed list of cryptographic measurements stored at the remote attestation server, and wherein the allowed list of cryptographic measurements is an allowed list of cryptographic hash values;
transmitting a TPM attestation quote to the remote attestation server, wherein the TPM attestation quote comprises the values stored in the first PCR and the second PCR; and
receiving an acknowledgment, from the remote attestation server, indicating a match between the values stored in the first PCR and the second PCR and the allowed cryptographic measurements in the allowed list of cryptographic measurements stored at the remote attestation server.
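The flow claimed above, as an added example that is not the patent's or Extreme Networks' code: a stand-alone Python model of the device side (HWRoT signature check, measurement of the first module into one PCR, measurement of the second module by the first into another PCR, TPM quote) and of the server side (quote verification, per-PCR match against an allow list of hash values, acknowledgment). Everything here is constructed for illustration: the images, keys, PCR indices 0 and 1, the function names, and the HMAC tags that stand in for the vendor's code-signing signature and for the TPM attestation-key signature over the quote. Two details go beyond the claim text and are assumptions: real PCRs are not written but extended (PCR = H(PCR || measurement)), so the server's allow list holds the expected extended values, not the raw image hashes; and the quote carries a server-issued nonce, which the claim does not mention but without which a recorded quote could be replayed.

```python
import hashlib
import hmac
import os

# Constructed sample data and keys for this example; a real HWRoT holds the vendor's
# public key in ROM/fuses and a real TPM signs quotes with an attestation key (AK).
VENDOR_KEY = b"vendor-signing-key (example only)"   # stand-in for the vendor's code-signing key
AK_SECRET = b"tpm-attestation-key (example only)"   # stand-in for the TPM attestation key
PCR_SIZE = 32                                       # SHA-256 PCR bank

FIRST_MODULE = b"bootloader image v1 (constructed)"
SECOND_MODULE = b"kernel image v1 (constructed)"


def sign(key, data):
    """HMAC stands in for an asymmetric signature here; same role, not the same primitive."""
    return hmac.new(key, data, hashlib.sha256).digest()


def measure(module):
    """Cryptographic measurement of a code module: its SHA-256 digest."""
    return hashlib.sha256(module).digest()


class SimulatedTPM:
    def __init__(self):
        self.pcrs = {0: bytes(PCR_SIZE), 1: bytes(PCR_SIZE)}

    def extend(self, index, measurement):
        # PCRs cannot be overwritten, only extended: PCR = H(PCR || measurement).
        self.pcrs[index] = hashlib.sha256(self.pcrs[index] + measurement).digest()

    def quote(self, indices, nonce):
        # Models TPM2_Quote: the AK signs the selected PCR values together with the verifier's nonce.
        payload = nonce + b"".join(bytes([i]) + self.pcrs[i] for i in indices)
        return {"nonce": nonce, "pcrs": {i: self.pcrs[i] for i in indices},
                "sig": sign(AK_SECRET, payload)}


def hwrot_boot(tpm, first_module, first_sig, second_module):
    """Device-side steps of the claim. Returns False when the HWRoT refuses to continue."""
    # The HWRoT validates the signature over the first module; an unvalidated module is
    # neither measured nor executed, so nothing it could do reaches the PCRs.
    if not hmac.compare_digest(sign(VENDOR_KEY, first_module), first_sig):
        return False
    # Only after validation does the HWRoT measure the first module into PCR0 ...
    tpm.extend(0, measure(first_module))
    # ... and the first module, now trusted, measures the second module into PCR1.
    tpm.extend(1, measure(second_module))
    return True


def expected_pcr(measurements):
    """Replay the extend chain so the server can derive allow-list values from known-good image hashes."""
    pcr = bytes(PCR_SIZE)
    for m in measurements:
        pcr = hashlib.sha256(pcr + m).digest()
    return pcr


def server_attest(quote, nonce, allowed):
    """Remote attestation server: verify the quote, then match each PCR against the allow list.

    No boot aggregate is computed; each PCR is matched individually, so the allow list can
    hold several acceptable values per PCR (e.g. two approved kernel versions in PCR1).
    """
    payload = nonce + b"".join(bytes([i]) + quote["pcrs"][i] for i in sorted(quote["pcrs"]))
    if quote["nonce"] != nonce or not hmac.compare_digest(sign(AK_SECRET, payload), quote["sig"]):
        return {"ack": False, "reason": "quote signature or nonce mismatch"}
    for index, value in quote["pcrs"].items():
        if value not in allowed.get(index, set()):
            return {"ack": False, "reason": f"PCR{index} not in allowed list"}
    return {"ack": True, "reason": "all PCRs matched"}


def attest_device(first_module, first_sig, second_module, allowed):
    """Attestation agent: boot, request a quote for the server's nonce, return the server's acknowledgment."""
    tpm = SimulatedTPM()
    if not hwrot_boot(tpm, first_module, first_sig, second_module):
        return {"ack": False, "reason": "HWRoT signature check failed; boot halted"}
    nonce = os.urandom(16)                       # assumed to be issued by the server per request
    quote = tpm.quote([0, 1], nonce)
    return server_attest(quote, nonce, allowed)


# Allow list of cryptographic hash values held by the server, one set of acceptable values per PCR.
ALLOWED = {0: {expected_pcr([measure(FIRST_MODULE)])},
           1: {expected_pcr([measure(SECOND_MODULE)])}}

if __name__ == "__main__":
    good_sig = sign(VENDOR_KEY, FIRST_MODULE)
    print(attest_device(FIRST_MODULE, good_sig, SECOND_MODULE, ALLOWED))
    print(attest_device(FIRST_MODULE, good_sig, b"kernel image tampered", ALLOWED))
    print(attest_device(FIRST_MODULE, bytes(32), SECOND_MODULE, ALLOWED))
```

Two things worth noticing when running it: a tampered second module still boots (the claim places no signature check on it) but fails at the server because PCR1 is not in the allow list, whereas a bad signature on the first module stops at the HWRoT and never produces a quote. The nonce check in `server_attest` is what makes a captured good quote useless later; drop it and the allow-list match alone would accept a replay.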