Versions Compared

Comment: Clarify that "escrow" is really an encrypted backup of the volume key.

...

  1. Implement the recommendations of the TCG Remote Attestation Protocol (TAP), with EVE as the attester and EVC as the verifier, i.e., use the TPM to measure the boot sequence using Platform Configuration Registers (PCRs).
  2. On top of the TCG solution, propose a mechanism for self-locking: seal the decryption key for the encrypted volumes using PCRs (for self-locking during offline/tampered conditions). This is done to address the unique operational requirements of EVE at the Edge.
  3. Save the encrypted volume key with the Controller during the upgrade.

...

Since EVE must present PCR quotes in both cases (otherwise the config request will fail with HTTP error 403), EVC can examine the PCR quote to see whether it matches the PCR quote of the EVE version it thinks EVE should currently be running. In other words, for EVC to differentiate between approved and unapproved image versions, one must mark the supported EVE image versions as "approved" by entering their corresponding measurement values expected in the TCG measurement sequence (since multiple values can be extended into a single PCR). With the help of this "list of approved measurements", EVC can correlate the entries in the TPM event log to confirm whether the boot chain with the modified software image is trusted and expected. It is possible that rogue software might, after reboot, not send any config request at all and still try to access the contents on the disk, such as credentials and sensor feed data, from the Edge Container Volumes. But the decryption key for accessing these encrypted volumes (the Volume Storage Key) is not stored anywhere in memory or on disk; rather, it is sealed with the PCR values of the previous software version. The only other way to get access to this key is from EVC, and EVC will share this key only on successful attestation. Through such an "escrow" mechanism (a backup of encrypted material), the EVC ensures that only approved EVE images can access protected resources like Edge Container Volumes. Since the PCR quote is always generated with a nonce given by EVC from time to time, this provides a freshness proof for the quote, and rogue software cannot copy a PCR quote from a supported EVE version and pretend that it is the latest quote.
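The seal/attest/escrow flow described above, as an added Python simulation that is not EVE's or EVC's own code: PCR extends over a measured boot chain, the Volume Storage Key sealed to the old image's PCR value so an upgraded or tampered image cannot unseal it locally, and a nonce-bound quote that the controller checks against its list of approved measurements before handing the key back. The boot chains, keys and nonces are constructed, and the hash-based seal and quote stand in for the TPM's own sealing and quote primitives.

```python
import hashlib, hmac

def extend_pcr(pcr, measurement):
    # TPM-style extend: PCR_new = H(PCR_old || H(measurement)); the order of extends matters
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()

def boot_pcr(boot_chain):
    # Replay a measured boot sequence into one PCR, starting from the all-zero reset value
    pcr = bytes(32)
    for component in boot_chain:
        pcr = extend_pcr(pcr, component)
    return pcr

def seal(volume_key, pcr):
    # Bind a 32-byte key to a PCR value (simplified stand-in for TPM2 PCR-policy sealing)
    wrap = hashlib.sha256(b"seal-wrap" + pcr).digest()
    blob = bytes(a ^ b for a, b in zip(volume_key, wrap))
    return blob, hmac.new(hashlib.sha256(b"seal-mac" + pcr).digest(), blob, "sha256").digest()

def unseal(blob, tag, pcr):
    # Releases the key only when the current PCR equals the value used at seal time
    mac = hmac.new(hashlib.sha256(b"seal-mac" + pcr).digest(), blob, "sha256").digest()
    if not hmac.compare_digest(mac, tag):
        return None
    return bytes(a ^ b for a, b in zip(blob, hashlib.sha256(b"seal-wrap" + pcr).digest()))

def quote(ak, pcr, nonce):
    # EVE side: attestation-key MAC over (PCR, controller nonce); stands in for a TPM quote
    return hmac.new(ak, pcr + nonce, "sha256").digest()

def verify_quote(ak, approved_chains, pcr, nonce, q):
    # EVC side: quote must be bound to the nonce EVC issued, and the PCR must replay from an approved list
    if not hmac.compare_digest(hmac.new(ak, pcr + nonce, "sha256").digest(), q):
        return False
    return any(boot_pcr(chain) == pcr for chain in approved_chains)

# Constructed sample boot chains: firmware, bootloader, EVE rootfs (old, upgraded, tampered)
OLD_CHAIN = [b"fw-1.0", b"grub-2.04", b"eve-rootfs-6.0"]
NEW_CHAIN = [b"fw-1.0", b"grub-2.04", b"eve-rootfs-6.1"]
ROGUE_CHAIN = [b"fw-1.0", b"grub-2.04", b"eve-rootfs-tampered"]
AK = b"constructed-attestation-key"  # constructed; a real AK lives inside the TPM

def upgrade_scenario():
    # Volume key sealed under the old image; after the upgrade only EVC can hand it back
    key = hashlib.sha256(b"constructed volume storage key").digest()
    blob, tag = seal(key, boot_pcr(OLD_CHAIN))
    approved, nonce, stale_nonce = [OLD_CHAIN, NEW_CHAIN], b"nonce-0001", b"nonce-0000"
    new_pcr, rogue_pcr = boot_pcr(NEW_CHAIN), boot_pcr(ROGUE_CHAIN)
    return {
        "old_image_unseals": unseal(blob, tag, boot_pcr(OLD_CHAIN)) == key,
        "new_image_unseals": unseal(blob, tag, new_pcr) == key,
        "new_image_attests": verify_quote(AK, approved, new_pcr, nonce, quote(AK, new_pcr, nonce)),
        "rogue_image_attests": verify_quote(AK, approved, rogue_pcr, nonce, quote(AK, rogue_pcr, nonce)),
        "replayed_quote_accepted": verify_quote(AK, approved, new_pcr, nonce, quote(AK, new_pcr, stale_nonce)),
    }
```

The upgraded image cannot unseal the key itself but passes attestation with a fresh nonce, while the tampered image and the replayed quote are both rejected by the verifier.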

...