Remote Credential Management with Mutual Attestation for Trusted Execution Environments

TL;DR

This paper introduces novel, formally verified protocols for secure remote credential management in Trusted Execution Environments, addressing backups, updates, migration, and revocation.

Contribution

It presents TEE-agnostic protocols utilizing mutual attestation for comprehensive remote credential management, validated through formal verification.

Findings

Protocols support secure credential backups, updates, migration, and revocation.

Formal verification with Scyther confirms protocol security.

Protocols are implementation-agnostic.

Abstract

Trusted Execution Environments (TEEs) are rapidly emerging as a root-of-trust for protecting sensitive applications and data using hardware-backed isolated worlds of execution. TEEs provide robust assurances regarding critical algorithm execution, tamper-resistant credential storage, and platform integrity using remote attestation. However, the challenge of remotely managing credentials between TEEs remains largely unaddressed in existing literature. In this work, we present novel protocols using mutual attestation for supporting four aspects of secure remote credential management with TEEs: backups, updates, migration, and revocation. The proposed protocols are agnostic to the underlying TEE implementation and subjected to formal verification using Scyther, which found no attacks.