This is a proof-of-concept implementation of the "Challenge/Response Remote Attestation" interaction model of the IETF RATS Reference Interaction Models for Remote Attestation Procedures using TPM 2.0. The IETF Remote Attestation Procedures (RATS) working group standardizes formats for describing assertions/claims about system components and associated evidence; and procedures and protocols to convey these assertions/claims to relying parties. Given the security and privacy sensitive nature of these assertions/claims, the working group specifies approaches to protect this exchanged data.
This proof-of-concept implementation realizes the Attesting Computing Environment—a Computing Environment capable of monitoring and attesting a target Computing Environment—as well as the target Computing Environment itself, as described in the RATS Architecture.
The following assumes that Docker and its buildx component (and Docker Compose) are installed and configured on your system.
Please see INSTALL.md for details, including how to build CHARRA manually.
All commands are to be executed in Bash.
For Docker, build the image and run the container with:
./docker/build.sh
./docker/run.sh
With Docker Compose do:
docker-compose build --build-arg uid="${UID}" --build-arg gid="${UID}"
docker-compose run --rm charra-dev-env
Inside the container, change to the ~/charra/ folder, build it, and run it:
cd ~/charra/
make -j
./generate-ak.sh
(bin/attester --attestation-key context:tpm_keys/rsa_ak.ctx &); sleep .2 ; bin/verifier -f yaml:reference-pcrs.yml --attestation-public-key tpm_keys/rsa_ak.pub ; sleep 1 ; pkill -SIGINT attester
The following diagram shows the protocol flow of the CHARRA attestation process.
.----------.                                           .----------.
| Attester |                                           | Verifier |
'----------'                                           '----------'
     |                                                      |
     | <----- requestAttestation(nonce, keyID, pcrSelection)
     |                                                      |
tpmQuote(nonce, pcrSelection)                               |
     | => evidence                                          |
     |                                                      |
evidence -------------------------------------------------> |
     |                                                      |
     |                              appraiseEvidence(evidence, nonce, referencePcrs)
     |                                 attestationResult <= |
     |                                                      |
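The appraiseEvidence(evidence, nonce, referencePcrs) step of the flow above, written in Python as an added example; it is not CHARRA's own code. The function names, the single SHA-256 PCR bank and the SHA-256 quote digest are assumptions, and the quote's signature is assumed to have been verified against the attestation public key before these checks run.

```python
import hashlib, hmac, struct

# TPM 2.0 constants: TPM_GENERATED_VALUE, TPM_ST_ATTEST_QUOTE, TPM_ALG_SHA256
TPM_GENERATED_VALUE, TPM_ST_ATTEST_QUOTE, TPM_ALG_SHA256 = 0xFF544347, 0x8018, 0x000B

def _tpm2b(buf, off):  # TPM2B: 2-byte big-endian size, then payload
    (n,) = struct.unpack_from(">H", buf, off)
    return buf[off + 2:off + 2 + n], off + 2 + n

def parse_quote(attest):  # marshalled TPMS_ATTEST of type quote -> fields used in appraisal
    magic, typ = struct.unpack_from(">IH", attest, 0)
    _signer, off = _tpm2b(attest, 6)      # qualifiedSigner
    nonce, off = _tpm2b(attest, off)      # extraData carries the verifier's nonce
    off += 17 + 8                         # skip clockInfo and firmwareVersion
    (count,) = struct.unpack_from(">I", attest, off)
    off += 4
    selection = {}
    for _ in range(count):                # TPML_PCR_SELECTION: hash alg + PCR bitmap per bank
        alg, size = struct.unpack_from(">HB", attest, off)
        bitmap = attest[off + 3:off + 3 + size]
        off += 3 + size
        selection[alg] = [i for i in range(size * 8) if bitmap[i // 8] >> (i % 8) & 1]
    digest, _ = _tpm2b(attest, off)
    return {"magic": magic, "type": typ, "nonce": nonce, "selection": selection, "pcr_digest": digest}

def appraise_evidence(attest, nonce, reference_pcrs):
    """Return (ok, reason); reference_pcrs maps PCR index -> expected SHA-256 PCR value."""
    try:
        q = parse_quote(attest)
    except struct.error:
        return False, "malformed quote"
    if q["magic"] != TPM_GENERATED_VALUE or q["type"] != TPM_ST_ATTEST_QUOTE:
        return False, "not a TPM-generated quote"
    if not hmac.compare_digest(q["nonce"], nonce):
        return False, "nonce mismatch (stale or replayed evidence)"
    if q["selection"] != {TPM_ALG_SHA256: sorted(reference_pcrs)}:
        return False, "quoted PCR selection differs from the requested one"
    expected = hashlib.sha256(b"".join(reference_pcrs[i] for i in sorted(reference_pcrs))).digest()
    if not hmac.compare_digest(q["pcr_digest"], expected):
        return False, "PCR digest does not match reference values"
    return True, "evidence matches reference PCRs"

def build_sample_quote(nonce, pcrs):  # constructed sample input, marshalled like a TPM quote
    bitmap = bytearray(3)
    for i in pcrs:
        bitmap[i // 8] |= 1 << (i % 8)
    digest = hashlib.sha256(b"".join(pcrs[i] for i in sorted(pcrs))).digest()
    head = struct.pack(">IHHH", TPM_GENERATED_VALUE, TPM_ST_ATTEST_QUOTE, 0, len(nonce))
    sel = struct.pack(">IHB", 1, TPM_ALG_SHA256, 3) + bytes(bitmap)
    return head + nonce + bytes(25) + sel + struct.pack(">H", len(digest)) + digest
```

Each failed check returns its own reason, so a replayed quote (nonce mismatch) can be told apart from a platform whose PCRs have drifted from the reference values.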
You can find the changelog in CHANGELOG.md.
- Allow verifier to perform periodic attestations, e.g., perform attestation every 10 seconds.
- Refactor and implement forward-declared (but not yet implemented) functions.
- Use non-zero reference PCRs.
- "Extended" TPM Quote using TPM audit session(s) and TPM PCR Read operations.
- Make CHARRA a library (libcharra) and make attester and verifier example code in the example folder.
- Add *_free() functions for all data transfer objects (DTOs).
- Introduce semantic versioning as CHARRA develops along the way to become stable.
The order of the list is entirely arbitrary and does not reflect any priorities.