How can Alice trust computation occurring at Bob's computer?
Since it exists and is becoming ubiquitous, the
current-generation TCPA/TCG hardware might enable a
solution. When we started investigating this technology,
the specification of the TCG software stack was not publicly
available, and an implementation still is not; we therefore
designed and built an open-source platform, based on Linux
and commercially available TCPA/TCG hardware, that would
allow us to address the problem of trusting computation.
Within the limits of TCPA/TCG hardware security, our
solution balances what Alice needs to do to make trust
judgments against what Bob needs to do to keep his system
Furthermore, we describe how we use our platform to harden
three sample open-source applications: Apache SSL Web
servers, OpenCA certification authorities, and (with
SELinux) compartmented attestation to balance privacy with
To our knowledge, our project remains the only open-source
TCPA/TCG platform in existence, and is also enabling trusted
computing applications developed by our user community
reports over 1100 source-code downloads so far).

John Marchesini, Sean W. Smith, Omen Wild, Josh Stabiner, Alex Barsamian.
"Open-Source Applications of TCPA Hardware."
20th Annual Computer Security Applications Conference.