Trusted Computing: Confidentiality, Integrity, and Side-Channel Attacks

This lecture covers the fundamentals of trusted computing, focusing on the need for confidentiality and integrity in hardware and software. It explains trusted hardware properties, such as attestation, sealing, and isolation, and discusses technologies like Trusted Platform Module (TPM) and Trusted Execution Environments (TEE). The lecture also delves into real-world examples, such as private contact discovery in Signal, and explores side-channel attacks like Meltdown and Spectre, emphasizing the importance of mitigations and the challenges of ensuring security in trusted computing environments.

About this result

This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.

Related lectures (109)

Related concepts (173)

COM-402: Information security and privacy

This course provides an overview of information security and privacy topics. It introduces students to the knowledge and tools they will need to deal with the security/privacy challenges they are like

Trusted Computing

Trusted Computing (TC) is a technology developed and promoted by the Trusted Computing Group. The term is taken from the field of trusted systems and has a specialized meaning that is distinct from the field of confidential computing. With Trusted Computing, the computer will consistently behave in expected ways, and those behaviors will be enforced by computer hardware and software. Enforcing this behavior is achieved by loading the hardware with a unique encryption key that is inaccessible to the rest of the system and the owner.

Trusted Platform Module

Trusted Platform Module (TPM, also known as ISO/IEC 11889) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. The term can also refer to a chip conforming to the standard. One of Windows 11's system requirements is TPM 2.0. Microsoft has stated that this is to help increase security against firmware attacks. Trusted Platform Module (TPM) was conceived by a computer industry consortium called Trusted Computing Group (TCG).

Post-quantum cryptography

In cryptography, post-quantum cryptography (PQC) (sometimes referred to as quantum-proof, quantum-safe or quantum-resistant) refers to cryptographic algorithms (usually public-key algorithms) that are thought to be secure against a cryptanalytic attack by a quantum computer. The problem with currently popular algorithms is that their security relies on one of three hard mathematical problems: the integer factorization problem, the discrete logarithm problem or the elliptic-curve discrete logarithm problem.

Cryptography

Cryptography, or cryptology (from κρυπτός "hidden, secret"; and γράφειν graphein, "to write", or -λογία -logia, "study", respectively), is the practice and study of techniques for secure communication in the presence of adversarial behavior. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, information security, electrical engineering, digital signal processing, physics, and others.

Trusted Execution Technology

Intel Trusted Execution Technology (Intel TXT, formerly known as LaGrande Technology) is a computer hardware technology of which the primary goals are: Attestation of the authenticity of a platform and its operating system. Assuring that an authentic operating system starts in a trusted environment, which can then be considered trusted. Provision of a trusted operating system with additional security capabilities not available to an unproven one.

Trusted Computing: Information Security and Privacy

Explores trusted computing, confidentiality, side-channel attacks, and mitigation strategies against vulnerabilities in hardware.

Anonymous Authorization: Privacy Engineering Toolbox CS-523: Advanced topics on privacy enhancing technologies

Covers anonymous authorization, zero-knowledge proofs, attribute-based credentials, and practical issues in anonymous authentication.

Cryptography Basics: Symmetric and Asymmetric Encryption COM-402: Information security and privacy

Introduces the fundamentals of cryptography, focusing on symmetric and asymmetric encryption, data integrity, authentication, and non-repudiation.

Legacy Web Hosting Services Tour

Covers a tour of legacy web hosting services and discussions on future services storage.

Conditional Access II EE-552: Media security

Covers conditional access, encryption, decryption, authentication, and advanced encryption standards, exploring identity-based encryption, biometrics, and attribute-based encryption.