We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Hardware-backed attestation in TLS

00:00
subtitles
off
playback rate
1
quality
720p
subtitles
off
English (auto-generated)
playback rate
0.25
0.5
0.75
1
1.25
1.5
1.75
2
quality
720p
480p
360p
240p
4
 Cite
 Share
 Related Material
 Download Purchase
Logo of FOSDEM VZWFOSDEM VZW
 Mihalcea, Ionuț

Formal Metadata

Title
Hardware-backed attestation in TLS
Title of Series
Number of Parts
542
Author
License
CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
Authentication among distributed workloads is a critical yet complex task. PKI-based authentication relies heavily on software to anchor the trustworthiness of workloads, therefore failing to reliably convey the security state of the workload in the face of impersonation and persistent attackers. This is most apparent in cases where the underlying platform is particularly exposed and out of the control of the owner, such as in cloud computing and IoT. Hardware features have thus been introduced to enable remotely verifiable “trust metrics” using attestation. Such hardware-backed features provide a cryptographic proof of the software stack, and strong guarantees that the cryptographic keys used by the workload are properly protected from exfiltration. However, remote attestation comes with its own need to share and verify metadata, which must be engineered into existing software. While the protocol used to exchange this metadata is largely irrelevant to the actual attestation procedure, its positioning in the networking stack can enable specific use-cases and enhance the performance of the entire system. An appealing approach is to allow the creation of secure channels (such as TLS connections) using attestation metadata as the authentication mechanism. Current designs either rely on running an attestation protocol on top of an existing secure channel, or modify the semantics of certificates to convey attestation information when establishing the secure channel. Our work focuses on standardising attestation metadata as first-class credentials in TLS. This new approach allows native, opaque metadata to be conveyed for authentication during the TLS handshake instead of (or together with) x509 certificates. Supporting flexibility in deployments without compromising on security has been a prime goal. Thus, we aim to cater to interaction models in which either the client, the server, or both can attest themselves, leveraging any hardware backend, and using different verification topologies. To showcase the standardisation effort, we are also developing an open-source, end-to-end proof-of-concept implementation of one of the interaction models supported. The PoC builds on top of two Linux Foundation projects – Parsec to abstract the root of trust attestation primitives, and Veraison to consume and verify the new evidence formats – and modifies mbedTLS to support a subset of the newly defined TLS extensions. As a hardware root of trust, the proof of concept is currently using a TPM2.0, with support for others being considered.
FOSDEM 2023537 / 542
1
Thumbnail
10:57
Tribe - a content structuring and collaborative framework
2
Thumbnail
21:58
Decentralizing moderation
3
Thumbnail
15:16
Challenges in Home Energy Management
4
Thumbnail
20:42
EVerest: AC and DC electric vehicle charging with open source software and hardware
5
Thumbnail
20:43
Green software engineering
6
Thumbnail
30:01
What the energy industry can learn from how open source technology has transformed other traditional industries
7
Thumbnail
39:45
Carbon Intensity Aware Scheduling in Kubernetes
8
Thumbnail
30:06
Inside the FIM (Fbi IMproved) Scriptable Image Viewer
9
Thumbnail
24:53
Using GNU Guix Containers with FHS (Filesystem Hierarchy Standard) Support
10
Thumbnail
32:35
An Introduction to Guix Home
11
Thumbnail
29:50
Bringing RISC-V to Guix's bootstrap
12
Thumbnail
1:28:49
Learn 8-bit machine language with the Toy CPU emulator
13
Thumbnail
28:12
Literate Storytelling: Interpreting Syntaxes for Explorers
14
Thumbnail
30:18
LIPS Scheme
15
Thumbnail
14:39
FAIRPoints
16
Thumbnail
16:20
Breaking away from Big Tech
17
Thumbnail
16:33
Build CI/CD pipelines as code, run them anywhere
18
Thumbnail
41:03
Building an actor library for Quickwit's indexing pipeline.
19
Thumbnail
32:20
Celebrating 25 years of Open Source
20
Thumbnail
29:17
CI/CD for Machine learning models
21
Thumbnail
14:45
CoffeOSM: improve OpenStreetMap a receipt at a time
22
Thumbnail
15:21
Consulting for digital humanists
23
Thumbnail
19:44
Continuous Delivery to many Kubernetes Clusters
24
Thumbnail
15:20
Continuously Update Everything
25
Thumbnail
1:48:15
How regulating software for the European market could impact FOSS
26
Thumbnail
15:36
data mountains - turn your data into mountains!
27
Thumbnail
27:53
Device driver gardening
28
Thumbnail
24:24
Delivering a crossplane-based platform
29
Thumbnail
14:35
Keep Your Dependencies In Check
30
Thumbnail
35:45
Perspectives from the Open Source Developer
31
Thumbnail
30:06
Elasticsearch Internals
32
Thumbnail
47:16
The ELISA Project - Enabling Linux in Safety Applications
33
Thumbnail
15:28
FireCRaCer: The Best Of Both Worlds
34
Thumbnail
22:56
FireCRaCer: The Best Of Both Worlds
35
Thumbnail
40:59
Teaching machines to handle bugs and test Firefox more efficiently.
36
Thumbnail
29:42
FOSDEM infrastructure review
37
Thumbnail
15:36
FOSSbot: An open source and open design educational robot
38
Thumbnail
16:09
FPGA-based music synthesis with open-source tools
39
Thumbnail
26:52
Fuzion — Intro for Java Developers: Mapping Java's Features to Simpler Mechanisms
40
Thumbnail
14:28
gallia: An Extendable Pentesting Framework
41
Thumbnail
13:31
A GitLab forge for all teachers and students in France?
42
Thumbnail
19:12
Classics Never Get Old: Two Easy Pieces For GraalVM
43
Thumbnail
14:53
Grottocenter
44
Thumbnail
19:39
Write Once, Run Anywhere... Well, What About Heterogeneous Hardware?
45
Thumbnail
22:29
2D animations in Haskell using gloss, lens and state
46
Thumbnail
04:43
Acknowledgements, *prize draw* and farewell
47
Thumbnail
28:36
Open-Source Opportunities with the Haskell Foundation
48
Thumbnail
41:50
Hackathon HaskellKatas style
49
Thumbnail
28:04
Recipes for reducing cognitive load
50
Thumbnail
24:41
Reconciliation Pattern, Control Theory and Cluster API: The Holy Trinity
51
Thumbnail
25:08
Optimizing string usage in Go programs
52
Thumbnail
24:38
FOSDEM 2023 - Go Lightning talks: Come speak!
53
Thumbnail
28:00
Is Go Object-Oriented? A Case of Public Opinion
54
Thumbnail
23:23
Headscale: How we are using integration testing to reimplement Tailscale
55
Thumbnail
27:58
Five Steps to Make Your Go Code Faster & More Efficient
56
Thumbnail
21:38
Go Even Further Without Wires
57
Thumbnail
29:29
What's new in Delve / Tracing Go programs with eBPF
58
Thumbnail
23:35
Debugging concurrency programs in Go
59
Thumbnail
26:55
Building a CI pipeline with Dagger in Go
60
Thumbnail
25:21
Our Mad Journey of Building a Vector Database in Go
61
Thumbnail
25:10
Building FPGA Bitstreams with Open-Source Tools
62
Thumbnail
27:32
WAM: an embedded web runtime history
63
Thumbnail
24:34
U-Boot as PSCI provider on ARM64
64
Thumbnail
26:40
Troika: Submit, monitor, and interrupt jobs on any HPC system with the same interface
65
Thumbnail
17:24
Running MPI applications on Toro unikernel
66
Thumbnail
26:50
Simplifying the creation of Slurm client environments
67
Thumbnail
24:28
How the Spack package manager tames the stat storm
68
Thumbnail
28:26
Keeping the HPC ecosystem working with Spack CI
69
Thumbnail
26:45
Reverse engineering a solar roof datalogger
70
Thumbnail
09:40
Ups and Downs with Remote Desktop Protocol (RDP) on Wayland, Weston and the Yocto Project
71
Thumbnail
26:49
Writing a Telegram Antispam Bot in Python: An introduction to async programming
72
Thumbnail
23:23
Building a Semantic Search Application in Python, Using Haystack
73
Thumbnail
22:06
Code reloading techniques in Python
74
Thumbnail
30:10
Will PyScript replace Django?
75
Thumbnail
26:25
Simple, open, music recommendations with Python
76
Thumbnail
55:35
A quick introduction to MicroPython
77
Thumbnail
24:43
Python Logging Like Your Job Depends on It
78
Thumbnail
25:52
Pip install malware
79
Thumbnail
24:18
Realtime 3D Graphics on a MicroPython ESP32
80
Thumbnail
24:42
DuckDB: Bringing analytical SQL directly to your Python shell.
81
Thumbnail
25:47
Talk to DBus from a Python application
82
Thumbnail
24:52
Continuous Documentation for Your Code
83
Thumbnail
26:51
The PolyVent FLOSS Ventilator
84
Thumbnail
28:24
Efficiently exploit HPC resources in scientific analysis and visualization with ParaView
85
Thumbnail
08:37
Overengineering an ML pet project to learn about MLOps
86
Thumbnail
06:17
Open Source Switching: Upstreaming ONIE NVMEM and switch BSP drivers
87
Thumbnail
26:29
numba-mpi
88
Thumbnail
25:00
MUST: Compiler-aided MPI correctness checking with TypeART
89
Thumbnail
11:25
HPC Container Conformance
90
Thumbnail
26:02
Matter and Thread as Connectivity Solution for Embedded
91
Thumbnail
25:41
LOFAR: FOSS HPC across 2000 kilometers
92
Thumbnail
26:19
Convergent camera applications for mobile Linux devices
93
Thumbnail
22:59
Link-time Call Graph Analysis to facilitate user-guided program instrumentation
94
Thumbnail
18:23
LIBRSB: Universal Sparse BLAS Library
95
Thumbnail
10:02
The LDBC benchmark suite
96
Thumbnail
25:38
KUKSA.val Vehicle Abstraction
97
Thumbnail
28:00
Self-service Kubernetes Platforms with RDMA on OpenStack
98
Thumbnail
08:04
Exploring a swedish smarthome hub
99
Thumbnail
10:08
A journey to the hardware world
100
Thumbnail
27:15
How to deal with validation as an HPC software?
101
Thumbnail
20:42
Developing effective testing pipelines for HPC applications
102
Thumbnail
10:10
Multiple Double Arithmetic on Graphics Processing Units
103
Thumbnail
27:23
Introduction to Watermill: Siple Go Event-Driven application in 20 minutes
104
Thumbnail
20:23
Visually programming Go
105
Thumbnail
24:13
The State of Go: What's new since Go 1.19
106
Thumbnail
23:39
Squeezing a go function
107
Thumbnail
31:40
OpenTelemetry with Grafana
108
Thumbnail
26:45
Building a Web UI for the Fedora installer
109
Thumbnail
50:46
Advanced Camera Support on Allwinner SoCs with Mainline Linux
110
Thumbnail
25:06
How to get public administrations to use more FOSS
111
Thumbnail
26:24
Accessibility & Open Source: How open source is key to building a more inclusive world.
112
Thumbnail
25:34
A11y: EAA, WCAG, WAI, ARIA, WTF? – it’s for the people stupid!
113
Thumbnail
24:49
A mirror without reflection for Kotlin/Multiplatform
114
Thumbnail
20:43
20 minutes from zero to a live chatbot with Tock
115
Thumbnail
23:44
5 errors when building embedded systems
116
Thumbnail
24:47
On-prem to Cloud to Edge and beyond: Evolution of women contributors in distros & FOSS
117
Thumbnail
25:50
Windows and Office "tax" refund
118
Thumbnail
24:24
Walking native stacks in BPF without frame pointers
119
Thumbnail
24:29
Is it time to migrate to Vue 3?
120
Thumbnail
25:16
Introducing Vegvisir: An automation framework for testing QUIC application logic
121
Thumbnail
27:12
Value driven design
122
Thumbnail
31:32
Uncover the Missing Link
123
Thumbnail
28:55
Practical introduction to OpenTelemetry tracing
124
Thumbnail
21:09
Better Kotlin Multiplatform architecture with Dependency Injection and KSP
125
Thumbnail
28:39
The O11y toolkit
126
Thumbnail
34:22
The State of Kotlin
127
Thumbnail
14:57
Practical and fun automation for all your terminal sessions
128
Thumbnail
20:20
Take your shot of Vitamin!
129
Thumbnail
28:37
Strong Dynamic Type Checking for JavaScript
130
Thumbnail
25:55
Having Something To Hide
131
Thumbnail
15:25
Finite state machine (and some retrogaming)
132
Thumbnail
24:57
Shrinking in the Age of Kotlin
133
Thumbnail
24:37
Sharp photos and short movies on a mobile phone
134
Thumbnail
21:29
Whom Do You Trust?
135
Thumbnail
25:44
Where does that code come from?
136
Thumbnail
30:33
Demystifying StackRox
137
Thumbnail
11:00
What Does Rugby Have To Do With Sigstore?
138
Thumbnail
24:41
Enabling FIDO2/WebAuthn support for remotely managed users
139
Thumbnail
21:46
Mercator: Mapping the information system
140
Thumbnail
24:56
Post Quantum Cryptography in Voice/Video over IP
141
Thumbnail
25:58
Remote Attestation with Keylime
142
Thumbnail
26:17
Kerberos PKINIT: what, why, and how (to break it)
143
Thumbnail
18:39
Converting HPKE to be PQ
144
Thumbnail
21:56
OpenSSL in RHEL: FIPS-140-3 certification
145
Thumbnail
19:01
Playing with Nix in adverse HPC environments
146
Thumbnail
18:05
P4 in Nix
147
Thumbnail
19:14
Nixel: a nicer way to write your Nix expressions
148
Thumbnail
12:46
Make Anyone Use Nix
149
Thumbnail
20:10
I am excited about NixOS, I want to tell you why!
150
Thumbnail
16:02
devenv.sh - Fast, Declarative, Reproducible, and Composable Developer Environments
151
Thumbnail
20:28
The Nix package manager development process
152
Thumbnail
05:58
Contracts for free!
153
Thumbnail
20:13
A success story of adopting Nix at a workplace
154
Thumbnail
14:50
NGI Search and OpenWebSearch.EU projects
155
Thumbnail
28:47
prplMesh: open source Wi-Fi mesh
156
Thumbnail
26:26
So you want to build a deterministic networking system
157
Thumbnail
23:47
Snabbflow: a scalable IPFIX exporter
158
Thumbnail
22:40
Need to connect your k8s pods to multiple networks? No problem [with calico/vpp]!
159
Thumbnail
15:46
Peer-to-peer Browser Connectivity
160
Thumbnail
27:07
ntopng: an actionable event-driven network traffic analysis application
161
Thumbnail
25:27
Service MESH without the MESS
162
Thumbnail
27:39
MetalLB and FRR: a match made in heaven
163
Thumbnail
19:41
Networking management made simple with Nmstate
164
Thumbnail
30:14
What is an IDS and Network Security Monitoring in 2023?
165
Thumbnail
28:47
Hole punching in the wild
166
Thumbnail
32:36
Decentralized Storage with IPFS
167
Thumbnail
24:32
DDoS attack detection with open source FastNetMon Community
168
Thumbnail
25:05
"CNI Unleashed"
169
Thumbnail
31:42
Golden Signals with Cilium and Grafana
170
Thumbnail
43:35
Open Source Software at NASA
171
Thumbnail
21:10
What I Miss In Java (The Perspectives Of A Kotlin Developer)
172
Thumbnail
18:10
Major Migrations Made Easy With OpenRewrite
173
Thumbnail
31:17
The Microkernel Landscape in 2023
174
Thumbnail
25:51
MicroBlocks: small, fast, human friendly
175
Thumbnail
20:10
Making Continuous Delivery Accessible to All
176
Thumbnail
15:10
Lua for the lazy C developer
177
Thumbnail
30:10
Loupe: Designing Application-driven Compatibility Layers in Custom Operating Systems
178
Thumbnail
15:30
Writer Content Controls -- what happened in the past half year
179
Thumbnail
10:01
A Rocket Engine for LibreOffice Templates
180
Thumbnail
08:10
Cleaning up the unittest code mess
181
Thumbnail
10:24
State of the Toolchain
182
Thumbnail
09:24
Putting the R in LibreOffice: a Shiny dashboard for QA
183
Thumbnail
09:06
Improvements to LibreOffice PDF accessibility
184
Thumbnail
05:48
Supporting old proprietary graphic formats
185
Thumbnail
09:15
News from the ODF Toolkit
186
Thumbnail
11:01
Migrating to LibreOffice Technology - old and new motivations and challenges
187
Thumbnail
08:55
Marrying Collabora Online and LibreOffice WASM
188
Thumbnail
09:03
LibreOfficeKit – bridge between your application and LibreOffice
189
Thumbnail
07:59
An Interoperability Improvement in LibreOffice Impress Tables
190
Thumbnail
09:57
Fun project by design – How LibreOffice development can be full of flow?
191
Thumbnail
09:00
Footnotes in multi-column sections
192
Thumbnail
04:26
Feature Locking and Feature Restriction
193
Thumbnail
10:10
Turbocharging an elephant. Making Libreoffice faster.
194
Thumbnail
08:42
LibreOffice Dark Modes
195
Thumbnail
09:30
Crashtesting LibreOffice in the backyard
196
Thumbnail
08:01
Make Collabora Online yours
197
Thumbnail
10:04
Collabora Online and WASM
198
Thumbnail
09:41
Collabora Online over lock-down
199
Thumbnail
47:03
Linux Inlaws
200
Thumbnail
09:48
LibreOffice graphics subsystems - SystemSpecificRenderers
201
Thumbnail
11:32
Libre-SOC: From architecture and simulation to test silicon, and beyond
202
Thumbnail
14:57
Keyoxide: verifying online identity with cryptography
203
Thumbnail
16:12
Jubako, a new generic container format
204
Thumbnail
11:29
Combining EASY!Appointments with Jitsi for online appointment management
205
Thumbnail
23:06
Combining EASY!Appointments with Jitsi for online appointment management
206
Thumbnail
15:54
Is YAML the Answer?
207
Thumbnail
22:17
Ultrablue
208
Thumbnail
18:06
Devroom kick-off talk: UKI? DDI?? Oh my!!!
209
Thumbnail
23:15
Ubuntu Core: a technical overview
210
Thumbnail
24:59
Image-Based Linux and TPMs
211
Thumbnail
21:45
openSUSE MicroOS design
212
Thumbnail
23:38
Building initrds in a new way
213
Thumbnail
15:41
MachineOS: a Trusted, SecureBoot Image-based Container OS
214
Thumbnail
16:33
Converging image and package based OS updates
215
Thumbnail
15:05
I2P: Major Changes of the Peer-to-Peer Network
216
Thumbnail
38:40
Hardware acceleration for Unikernels
217
Thumbnail
31:56
How We Gained Observability Into Our CI/CD Pipeline
218
Thumbnail
17:56
How To Automate Documentation Workflow For Developers
219
Thumbnail
44:39
Introducing Helios Micokernel
220
Thumbnail
13:27
Introducing Helios
221
Thumbnail
31:01
Hedy: A gradual and multi-lingual programming language for education
222
Thumbnail
32:42
Web application architecture in Haskell with flora.pm
223
Thumbnail
13:15
A quick overview of the Haskell tooling
224
Thumbnail
06:05
The Haskell Security Advisory Database
225
Thumbnail
29:32
On the path of better interoperability with Rust!
226
Thumbnail
16:10
Breaking the Code of Inclusion: Designing Micro Materials Based on PRIMM Principles for Accessible Programming Education.
227
Thumbnail
14:42
Beyond Wikipedia
228
Thumbnail
26:03
Speak binary to me
229
Thumbnail
26:13
Shorter feedback loops with Livebook
230
Thumbnail
04:56
Running Erlang and Elixir on microcontrollers with AtomVM
231
Thumbnail
28:56
LiveView keeps you warm!
232
Thumbnail
18:07
Introduction to Gleam
233
Thumbnail
11:21
Elixir - Old wine in new casks
234
Thumbnail
23:11
Distributed music programming with Gleam, BEAM, and the Web Audio API
235
Thumbnail
26:34
The Actor Model as a Load Testing Framework
236
Thumbnail
15:44
Do more awkward user interviews
237
Thumbnail
14:33
AsyncGetStackTrace: The Improved Version Of AsyncGetCallTrace (JEP 435)
238
Thumbnail
49:05
Building a Linux-compatible Unikernel
239
Thumbnail
28:34
Building Personalized AI Apps with MIT App Inventor
240
Thumbnail
23:28
Why And How To Upgrade To Java 17 (And Prepare For 21)
241
Thumbnail
15:40
Tableaunoir: an online blackboard for teaching
242
Thumbnail
38:43
Sustaining Free and Open Source Software
243
Thumbnail
49:24
Open Source in Environmental Sustainability
244
Thumbnail
14:08
Should there be a standard in libre localization?
245
Thumbnail
17:19
Staging of Artifacts in a Build System
246
Thumbnail
43:24
What is Digital Sovereignty and how can OSS help to achieve it?
247
Thumbnail
21:49
The Role of Open Source at the EU Technology Roadmap for a European Sovereign Cloud
248
Thumbnail
18:52
The role of Open Infrastructure in digital sovereignty
249
Thumbnail
1:03:30
The Importance of Collaborative Applications for European Digital Sovereignty
250
Thumbnail
55:59
The Co-operative Cloud
251
Thumbnail
25:09
Responsible Clouds and the Green Web Triangle
252
Thumbnail
20:04
Operate First community cloud
253
Thumbnail
22:02
On-premise data centers do not need to be legacy
254
Thumbnail
42:11
Is Open Source Coming back to your Cloud?
255
Thumbnail
14:27
How we created a Documentation Framework that works across a group of vendors in the sovereign cloud stack community
256
Thumbnail
40:24
From Zero to Hero with Solid
257
Thumbnail
31:28
Effective management of Kubernetes resources for cluster admins
258
Thumbnail
36:35
Distributed Storage in the Cloud
259
Thumbnail
49:55
Building Strong Foundations for a More Secure Future
260
Thumbnail
31:02
Snap! - Build Your Own Blocks
261
Thumbnail
48:48
Similarity Detection in Online Integrity
262
Thumbnail
23:36
Afraid Of Java Cold Starts In Serverless?
263
Thumbnail
16:07
Self-hosting for non-coders?
264
Thumbnail
21:11
SQL on Ceph
265
Thumbnail
38:24
Intro to Ceph on Kubernetes using Rook
266
Thumbnail
35:51
Lessons learnt managing and scaling 200TB glusterfs cluster @PhonePe
267
Thumbnail
39:58
Dynamic load change in SDS systems
268
Thumbnail
17:40
Present and future of Ceph integration with OpenStack and k8s
269
Thumbnail
24:02
A Rust-Based, modular Unikernel for MicroVMs
270
Thumbnail
18:35
Using Rust for your network management tools!
271
Thumbnail
08:27
Slint: Are we GUI yet?
272
Thumbnail
20:51
Scalable graph algorithms in Rust (and Python)
273
Thumbnail
41:41
Rust API Design Learnings
274
Thumbnail
08:04
Neovim and rust-analyzer are best friends
275
Thumbnail
20:17
Merging process of the rust compiler
276
Thumbnail
30:31
Let's write Snake game!
277
Thumbnail
35:24
How Pydantic V2 leverages Rust's Superpowers
278
Thumbnail
30:52
Glidesort
279
Thumbnail
33:46
Building a distributed search engine with tantivy
280
Thumbnail
07:56
Presentation of BastionLab, a Rust open-source privacy framework for confidential data science collaboration
281
Thumbnail
20:30
Backward and forward compatibility for security features
282
Thumbnail
40:31
Aurae: Distributed Runtime
283
Thumbnail
20:13
atuin: magical shell history with Rust
284
Thumbnail
08:38
A Rusty CHERI - The path to hardware capabilities in Rust
285
Thumbnail
39:27
A deep dive inside the Rust frontend for GCC
286
Thumbnail
49:51
Rosegarden: A Slumbering Giant
287
Thumbnail
25:10
Quarkus 101: Intro To Java Development With Quarkus
288
Thumbnail
26:21
Modernizing Legacy Messaging System with Apache Pulsar
289
Thumbnail
52:31
Podcasting 2.0: it's all about Interoperability
290
Thumbnail
50:46
Running a Hybrid Event with Open Source
291
Thumbnail
17:05
Update on #JavaOnRaspberryPi and Pi4J
292
Thumbnail
11:55
Announcing pg_statviz
293
Thumbnail
15:53
Passbolt
294
Thumbnail
51:59
Evolution of OSv: Towards Greater Modularity and Composability
295
Thumbnail
12:41
Open Source Good Governance – GGI Framework presentation & deployment
296
Thumbnail
15:10
Get Started with Open Source Formal Verification
297
Thumbnail
40:54
Making the world a better place through Open Source
298
Thumbnail
14:53
The Nym Mixnet
299
Thumbnail
1:05:53
NOVA Microhypervisor Feature Update
300
Thumbnail
18:04
Towards Secure Boot for NixOS
301
Thumbnail
04:17
Energy policy by the European Commission
302
Thumbnail
22:33
European Eichrecht
303
Thumbnail
26:21
Tackling document collaboration challenges in 2023
304
Thumbnail
31:40
Conquering tribal knowledge with Grav
305
Thumbnail
52:06
Creating a content pipeline with Antora
306
Thumbnail
45:50
Open Source Collaboration Tools for Alfresco
307
Thumbnail
19:41
A Study of Fine-Grain Compartment Interface Vulnerabilities: What, Why, and What We Should Do About Them
308
Thumbnail
23:55
Project Veraison (VERificAtIon of atteStatiON)
309
Thumbnail
18:05
Rust based Shim-Firmware for confidential container
310
Thumbnail
24:36
Nydus Image Service for Confidential Containers
311
Thumbnail
21:39
Scalable Confidential Computing on Kubernetes with Marblerun
312
Thumbnail
22:37
Gramine Library OS
313
Thumbnail
17:47
Building a secure network of trusted applications on untrusted hosts
314
Thumbnail
30:20
THE BASE - FOSS Confidential Container SDK to ease the development
315
Thumbnail
20:44
Confidential Containers and the Pitfalls of Runtime Attestation
316
Thumbnail
29:06
Cascaded Foci (SFUs)
317
Thumbnail
34:03
Building a social app on top of Matrix
318
Thumbnail
11:45
tissue—the minimalist git+plain text issue tracker
319
Thumbnail
31:24
Introduction to the Synapse Kubernetes Operator
320
Thumbnail
25:13
vhost-user-blk: a fast userspace block I/O interface
321
Thumbnail
36:46
Operating Ceph from Ceph Dashboard
322
Thumbnail
31:39
Reviving Reverse Polish Lisp
323
Thumbnail
55:36
Self-conscious Reflexive Interpreters
324
Thumbnail
29:58
Introduction to Pre-Scheme
325
Thumbnail
18:16
Research at the service of free knowledge: Building open tools to support research on Wikimedia projects
326
Thumbnail
15:17
The Software Sustainability Institute Community and Events
327
Thumbnail
05:20
Establishing the Research Software Engineering (RSE) Asia Association with the Open Life Science programm
328
Thumbnail
28:53
Frictionless Application (IDE for CSV)
329
Thumbnail
29:10
Papis: a simple, powerful and extendable command-line bibliography manager
330
Thumbnail
30:06
V2GLiberty: The open stack that could
331
Thumbnail
27:49
Power profiling with the Firefox Profiler
332
Thumbnail
22:14
OpenSTEF: Open Source energy predictions
333
Thumbnail
26:49
Update on open-source energy system modeling in the global south and including Africa
334
Thumbnail
19:45
4 Years of Energy Management with openHAB
335
Thumbnail
25:12
Getting to a fossil free internet by 2030
336
Thumbnail
26:58
Combatting Software-Driven Environmental Harm With Free Software
337
Thumbnail
32:10
OpenCSD, simple and intuitive computational storage emulation with QEMU and eBPF
338
Thumbnail
32:14
Stack walking/unwinding without frame pointers
339
Thumbnail
29:40
The state of r2land
340
Thumbnail
31:18
GNU poke beyond the CLI (Command Line Interface)
341
Thumbnail
31:01
GNU poke
342
Thumbnail
24:34
Libabigail, State Of The Onion
343
Thumbnail
33:06
Libabigail, State Of The Onion
344
Thumbnail
23:49
fq - jq for binary formats
345
Thumbnail
26:50
An introduction into AMD/Xilinx libsystemctlm-soc
346
Thumbnail
30:25
7 things I learned about old computers, via emulation
347
Thumbnail
27:05
Transit network planning for everyone
348
Thumbnail
25:36
Using open source software to boost measurement data in railways
349
Thumbnail
26:40
Automated short-term train planning in OSRD
350
Thumbnail
11:57
OpenStreetMap, one geographic database to rule them all?
351
Thumbnail
27:03
OpenTripPlanner
352
Thumbnail
17:42
Introducing MOTIS Project
353
Thumbnail
25:25
Public Transport Data in KDE Itinerary
354
Thumbnail
13:13
Digitransit
355
Thumbnail
26:43
Pushing the PSP
356
Thumbnail
31:52
Emulator development in Java
357
Thumbnail
27:38
Emulator development in Java
358
Thumbnail
30:27
Understanding the Bull GAMMA 3 first generation computer through emulation
359
Thumbnail
49:25
Chimera Linux
360
Thumbnail
17:50
AMENDMENT Global Open Source Quality Assurance of Emergency Supplies
361
Thumbnail
29:11
AMENDMENT Covid Exposure Notification Out in the Open
362
Thumbnail
31:12
AMENDMENT Public Money? Public Code! in Europe
363
Thumbnail
13:31
Defining a multi-architecture interface for SYCL in LLVM Clang
364
Thumbnail
53:59
Reggae: cool way of managing jails/VMs on FreeBSD
365
Thumbnail
32:12
Bringing your project closer to users – translating libre with Weblate
366
Thumbnail
34:30
Building an atractive way in an old infra for new translators
367
Thumbnail
16:51
Translating documentation with cloud tools and scripts
368
Thumbnail
13:31
Defining a multi-architecture interface for SYCL in LLVM Clang
369
Thumbnail
29:51
20 years with Gettext
370
Thumbnail
30:10
Translate All The Things!
371
Thumbnail
28:17
Demystifying compiler-rt-sanitizers for multiple architectures
372
Thumbnail
30:42
Game of Trees Daemon
373
Thumbnail
22:32
Happy 5th anniversary pkg-provides
374
Thumbnail
32:33
Open source C/C++ embedded toolchains using LLVM
375
Thumbnail
31:06
Case study of creating and maintaining an analysis and instrumentation tool based on LLVM: PARCOACH
376
Thumbnail
16:52
BSD Driver Harmony
377
Thumbnail
42:07
AMENDMENT The New EU Interoperable Europe Act and the Reuse of Software in Public Administration
378
Thumbnail
27:19
How to Build your own MLIR Dialect
379
Thumbnail
26:20
FIDO beyond the browser
380
Thumbnail
18:31
Elliptic curves in FOSS
381
Thumbnail
23:35
How to protect your Kubernetes cluster using Crowdsec
382
Thumbnail
22:18
Secure by accident
383
Thumbnail
25:05
Graphing tools for scheduler tracing
384
Thumbnail
12:51
A complete compliance toolchain for Yocto projects
385
Thumbnail
27:36
Understanding and Managing the Dependency in SBOM with the New Feature of SW360
386
Thumbnail
26:33
In SBOMs We Trust: How Accurate, Complete, and Actionable Are They?
387
Thumbnail
29:49
A standard BOM for Siemens
388
Thumbnail
12:08
REUSE Software... or if you want nice a nice SBOM downstream, push REUSE upstream
389
Thumbnail
1:22:33
Panel discussion: SBOM content, usefulness, and caveats
390
Thumbnail
19:51
Generating SBOM made easy with ORT
391
Thumbnail
26:22
Automated SBoM generation with OpenEmbedded and the Yocto Project
392
Thumbnail
28:03
The 7 key ingredients of a great SBOM
393
Thumbnail
26:08
Hermine: converting SBOMS into legal obligations
394
Thumbnail
27:57
Using SPDX for functional safety
395
Thumbnail
11:41
FOSSology and SPDX
396
Thumbnail
27:48
SBOM contents for embedded system images
397
Thumbnail
27:22
Build recorder: a system to capture detailed information
398
Thumbnail
15:38
Sailing into the Linux port with Sony Open Devices
399
Thumbnail
23:59
A Service as a Software Substitute (SaaSS) is unjust like proprietary software
400
Thumbnail
21:28
Automating a rolling binary release for Spack
401
Thumbnail
49:59
Is “European open source” a thing?
402
Thumbnail
30:10
If it’s public money, make it public code!
403
Thumbnail
24:27
Controlling the web with a PS5 controller
404
Thumbnail
32:01
Adopting continuous-profiling: Understand how your code utilizes cpu/memory
405
Thumbnail
26:10
Practical UX at OpenProject
406
Thumbnail
48:50
When it all GOes right
407
Thumbnail
48:07
Tour de Data Types: VARCHAR2 or CHAR(255)?
408
Thumbnail
50:36
Why Database Teams Need Human Factors Training
409
Thumbnail
50:10
How to Give Your Postgres Blog Posts: An Outsize Impact
410
Thumbnail
49:57
Don't Do This
411
Thumbnail
43:10
Deep Dive Into Query Performance
412
Thumbnail
43:29
DBA Evolution: the Changing Role of the Database Administrator
413
Thumbnail
33:11
Observability in Postgres
414
Thumbnail
27:36
The problems you will have when creating a plugins system for your shiny UI project
415
Thumbnail
17:17
What's new in the world of phosh?
416
Thumbnail
20:16
Penpot official launch!
417
Thumbnail
28:42
Best Practices for Operators Monitoring and Observability in Operator SDK
418
Thumbnail
15:09
Webmapping and massive statistical data, a democratization story
419
Thumbnail
29:55
Interactive network visualizations as "guided close reading" devices for the social sciences
420
Thumbnail
15:07
The Turing Way: Changing research culture through open collaboration
421
Thumbnail
28:35
Tackling disinformation with OSS
422
Thumbnail
30:37
RICardo and GeoPolHist: Exploring trade relations between the geopolitical entities of the world from c. 1800 to 1938
423
Thumbnail
28:16
Relativitization: an interstellar social simulation framework and a turn-based strategy game
424
Thumbnail
24:57
PIMMI: a command line interface to study image propagation
425
Thumbnail
25:55
Preliminary analysis of crowdsourced sound data with FOSS
426
Thumbnail
26:23
MuPhyN - MultiPhysical Nexus
427
Thumbnail
26:45
Guix, toward practical transparent, verifiable and long-term reproducible research
428
Thumbnail
14:09
Executable papers in the Humanities, or how did we land to the Journal of Digital History
429
Thumbnail
28:40
CorTexT: An open platform for social sciences and humanities Methodological expertise
430
Thumbnail
26:39
Setting up OpenQA testing for GNOME
431
Thumbnail
26:15
Open Research Open Panel: Open discussion among the open research tools and technologies community
432
Thumbnail
24:14
Upstream Collaboration and Linux Distributions Collaboration - Is that excluded?
433
Thumbnail
15:40
Ondev2: Distro-Independent Installer For Linux Mobile
434
Thumbnail
25:09
Observability-driven development with OpenTelemetry
435
Thumbnail
19:27
Nurturing, Motivating and Recognizing Non-Code Contributions
436
Thumbnail
22:54
Visualize the NPM dependencies city ecosystem of your node project in VR
437
Thumbnail
1:01:01
Fear the mutants. Love the mutants.
438
Thumbnail
27:11
MPTCP in the upstream kernel
439
Thumbnail
24:14
Localize your open source project with Pontoon
440
Thumbnail
31:17
The Road to Intl.MessageFormat
441
Thumbnail
22:38
Firefox Profiler beyond the web
442
Thumbnail
25:38
Understanding the energy use of Firefox
443
Thumbnail
26:45
The Digital Services Act 101
444
Thumbnail
24:08
Cache The World
445
Thumbnail
17:10
Mobian: to stable... and beyond!
446
Thumbnail
25:17
meta netdevices
447
Thumbnail
17:45
Mainline Linux on recent Qualcomm SoCs: Fairphone 4
448
Thumbnail
24:57
Lomiri Mobile Linux in Desktop mode
449
Thumbnail
30:22
Loki: Cloud Native Logging
450
Thumbnail
24:31
Linux Kernel Functional Testing
451
Thumbnail
25:20
Linux Distributions’ State of Gaming
452
Thumbnail
09:11
Lightning Talks: NetXMS | Parca | OpenSearch
453
Thumbnail
22:52
Open Source Initiative: Proposed Changes to License Review Process
454
Thumbnail
50:44
Panel: Hot Topics - Organizers of the Legal & Policy DevRoom discuss the issues of the day
455
Thumbnail
51:33
Learning From the Big Failures To Improve FOSS Advocacy and Adoption
456
Thumbnail
23:28
Exploring the power of OpenTelemetry on Kubernetes
457
Thumbnail
13:43
KubeOS: Container OS based on OpenEuler
458
Thumbnail
19:12
KRuMP - Kotlin-Rust-Multiplatform?!
459
Thumbnail
24:07
Why we ditched JavaScript for Kotlin/JS
460
Thumbnail
23:22
Kotlin Multiplatform: From “Hello World” to the Real World
461
Thumbnail
12:56
Kotlin Multiplatform for Android & iOS library developers
462
Thumbnail
16:55
Hacking the Linux Kernel to get moar FPS
463
Thumbnail
29:33
KDLP: Kernel Development Learning Pipeline
464
Thumbnail
19:40
How we build and maintain Kairos
465
Thumbnail
24:06
jxr in /engine/ - coding in WebXR on a plane
466
Thumbnail
26:56
Improving the Kotlin Developer Experience in Koin 3.2
467
Thumbnail
22:42
Javascript for Privacy-Protecting Peer-to-Peer Applications
468
Thumbnail
27:19
Exploring Database Containers
469
Thumbnail
29:30
7 years of cgroup v2: the future of Linux resource control
470
Thumbnail
29:54
Bottlerocket OS - a container-optimized Linux
471
Thumbnail
25:13
composefs: An opportunistically sharing verified image filesystem
472
Thumbnail
31:54
Just A Community Minute
473
Thumbnail
16:50
CentOS Stream: RHEL development in public
474
Thumbnail
30:10
Centering DEI Within Your Open Source Project
475
Thumbnail
30:48
Building Open Source Teams
476
Thumbnail
22:25
Building a UX Research toolkit
477
Thumbnail
08:55
Bluetooth state in PipeWire and WirePlumber
478
Thumbnail
24:32
Developing Bluetooth Mesh networks with Rust
479
Thumbnail
25:16
eBPF loader deep dive
480
Thumbnail
21:49
Monitor your databases with Open Source tools like PMM
481
Thumbnail
17:41
Optimizing BPF hashmap and friends
482
Thumbnail
23:55
Be pushy! Let's join for wider and better Kotlin support worldwide
483
Thumbnail
23:20
barebox, the bootloader for Linux kernel developers
484
Thumbnail
22:13
Reckoning with new app store changes: Is now our chance?
485
Thumbnail
25:36
A practical approach to build an open and evolvable Digital Experience Platform (DXP)
486
Thumbnail
22:04
Zig and Guile for fast code and a REPL
487
Thumbnail
38:24
Zero Knowledge Cryptography and Anonymous Engineering
488
Thumbnail
50:13
Tools for linking Wikidata and OpenStreetMap
489
Thumbnail
31:02
Matrix Widgets in the "Sovereign Workplace" for the German public sector
490
Thumbnail
35:19
Whippet: A new production embeddable garbage collector
491
Thumbnail
16:37
Quantitative Analysis of Open Source WebRTC Developer Trends
492
Thumbnail
23:54
Exploring WebAssembly with Forth (and vice versa)
493
Thumbnail
17:49
W3C WebRTC Meetup Update
494
Thumbnail
14:51
Using SPDK with the Xen hypervisor
495
Thumbnail
25:45
OKD Virtualization: what’s new, what’s next
496
Thumbnail
25:16
A journey through supporting VMs with dedicated CPUs on Kubernetes
497
Thumbnail
19:36
Fuzzing Device Models in Rust: Common Pitfalls
498
Thumbnail
26:15
blkhash - fast disk image checksums
499
Thumbnail
31:21
Trustworthy Platform Module
500
Thumbnail
28:49
Trixnity: One Matrix SDK for (almost) everything written in Kotlin
501
Thumbnail
50:53
Clear skies, no clouds in sight. Running a 14 person company on only free software.
502
Thumbnail
24:53
Semihosting U-Boot
503
Thumbnail
18:51
Secure payments over VoIP calls in the cloud
504
Thumbnail
26:56
Online schema change at scale in TiDB
505
Thumbnail
12:15
Scaling Open Source Realtime Messaging System for Millions
506
Thumbnail
40:54
Self-Hosting (Almost) All The Way Down
507
Thumbnail
35:16
QtRVSim—Education from Assembly to Pipeline, Cache Performance, and C Level Programming
508
Thumbnail
35:43
Bringing up the OpenHW Group RISC-V tool chains
509
Thumbnail
37:20
Porting RISC-V to GNU Guix
510
Thumbnail
28:24
How to add an GCC builtin to the RISC-V compiler
511
Thumbnail
48:21
Reimplementing the Coreutils in a modern language (Rust)
512
Thumbnail
39:11
Building an Plant Monitoring App with InfluxDB, Python, and Flask with Edge to cloud replication
513
Thumbnail
50:53
Passwordless Linux - where are we?
514
Thumbnail
32:38
Open Source Firmware status on AMD platforms 2023 - 4th edition
515
Thumbnail
45:36
DNF5: the new era in RPM software management
516
Thumbnail
24:55
Deep Dive Into Query Performance
517
Thumbnail
22:15
Data-in-use Encryption with MariaDB
518
Thumbnail
22:09
Transparent, asynchronous, efficient communication
519
Thumbnail
26:40
Migrating from proprietary to Open-Source knowledge management tools
520
Thumbnail
15:26
The Relentless March of Markdown
521
Thumbnail
24:30
Optimizing your core application for integration
522
Thumbnail
25:41
Nextcloud Numbers and Hubs
523
Thumbnail
25:05
Deploy an enterprise search server with Fess
524
Thumbnail
23:05
Collaborating with Collabora Online
525
Thumbnail
50:45
The End of Free Software
526
Thumbnail
07:03
Build your own Real Time Billing using CGRateS
527
Thumbnail
29:51
Open Source Confidential Computing with RISC-V
528
Thumbnail
22:42
Keeping safety-critical programs alive when Linux isn’t able to
529
Thumbnail
18:44
We need a Let’s Encrypt movement for Confidential Computing
530
Thumbnail
19:51
LSKV: Democratising Confidential Computing from the Core
531
Thumbnail
25:05
Autonomous Confidential Kubernetes
532
Thumbnail
29:03
Introduction to Secure Execution for s390x
533
Thumbnail
27:37
Tilting a Pyramid: Confidentiality in a Cloud Native Environment
534
Thumbnail
50:30
Open Source Business Guidebook
535
Thumbnail
13:13
Bridging ActivityPub with Kazarma
536
Thumbnail
31:29
Overview of Secure Boot state in the ARM-based SoCs 2nd edition
537
Thumbnail
22:23
Hardware-backed attestation in TLS
538
Thumbnail
47:10
Maker Tools in the Browser
539
Thumbnail
29:15
The under-equipped social scientist ?
540
Thumbnail
27:26
Over a decade of anti-tracking work at Mozilla
541
Thumbnail
26:04
Building External Evangelists
542
Thumbnail
16:59
Hardening Linux System with File Access Policy Daemon
00:00
Presentation of a groupComputer hardwareMechanism designWorkloadPublic key certificateEncryptionTransport Layer SecurityClient (computing)Extension (kinesiology)Suite (music)Server (computing)Formal verificationGeneric programmingLatent heatComputer configurationConfiguration spaceInternetworkingInformation securityAuthenticationBootingPerfect groupRoundness (object)Key (cryptography)Right angleIdentity managementCodeArrow of timePoint (geometry)AuthorizationTerm (mathematics)TelecommunicationMultiplication signPhysicalismScaling (geometry)Connectivity (graph theory)FirmwareOpen setSocial classBenchmarkWorkloadResultantSoftwareQuicksortPoint cloudServer (computing)Formal verificationMetadataMechanism designSurfaceState of matterPeer-to-peerLogicMinimal surfaceINTEGRALCryptographySoftware developerFront and back endsService (economics)NumberStack (abstract data type)RootPrototypeConnected spaceTheoryCASE <Informatik>Communications protocolEndliche ModelltheoriePublic key certificateDirection (geometry)Numbering schemeEncryptionInformation privacyExtension (kinesiology)Open sourceClient (computing)Internet der DingeGroup actionMereologyRevision controlComputer architectureBitGreatest elementRemote procedure callCartesian coordinate systemAbstractionMessage passing2 (number)InformationType theoryDependent and independent variablesSuite (music)Computing platformVariancePlanningProjective planeKernel (computing)Interactive televisionTransport Layer SecuritySign (mathematics)Computer hardwareToken ringDecision theorySoftware engineeringArmBuildingDataflowInterface (computing)Core dumpImplementationDifferent (Kate Ryan album)Generic programmingDiagramConfiguration spaceFactory (trading post)SynchronizationProof theoryOcean currentDiagramProgram flowchart
Transcript: English(auto-generated)
00:00
I trust that everyone here considers authentication a staple of internet security and that you think that having more information about the security state of your peer when authenticating them is obviously a good thing if you want to make a good decision.
00:21
So with that in mind, I want to talk to you about our work to integrate remote attestation as an authentication mechanism in TLS. So first off, who am I? I'm Yanoz Mihaljia. I'm a senior software engineer in ARM. I do mostly software prototyping, so doing proof of concepts for various software stacks
00:42
that we think might be useful for our software ecosystems. So looking at an overview of the presentation, so we're going to start with some theory, looking at remote attestation at TLS, and how we plan to integrate the two. And then we're going to continue looking at the practice at the prototype that we're building
01:01
to instantiate the theory and the draft that we're working on. So let's kick off with the theory. What exactly are we trying to improve here? So the current internet security model is mostly based around an assumption that the tracker is somewhere on the communication path between the peers.
01:23
So what you usually do is you have some sort of certificate that you issue to the workloads, and you have the private key associated with that certificate. And the workload can then essentially authenticate itself to its peers. But the problem is that in this trust model, you have to trust that that workload is indeed
01:44
running the software that you're assuming it's running. So even if, for example, your peer presumably uses some open source software, you still have to trust them that they've deployed that, and that that's where they're running.
02:00
And also that they're keeping their key secure, because if the software is changed or if the key is exfiltrated, then you're kind of hosed. So if you want to have more guarantees, can we actually use more emotive verifiable information within our authentication methods so that we have more information about the security state of that workload, and it's key.
02:27
And we actually were prompted to look at this from two use cases in particular. So the first one involves IoT or edge deployment. So for example, you have in this diagram, you have an edge device that has a private
02:43
identity key that was provisioned at manufacturing time. And with this identity key, you want to create some attestation credential that you can present to a service. So presumably you own both the device and the service, and you want to make sure that
03:01
only your devices connect and can access whatever service, whatever the service is doing. And sort of a mirror use case is, is one that involves workloads running in the cloud. So you have, you have again, the workload that has a private identity key provisioned, for example, in in the server chip, and you want your local device to connect to the workload.
03:27
And you want to get more information about software, for example, the software that booted on the server, and how the key is managed. This is where remote attestation comes in. So remote attestation is essentially a class of hardware backed mechanisms that allows
03:43
you to provide cryptographically verifiable metadata about the state of your device. So you can have more trust about, for example, what kind of firmware was running at boot time, what OS kernel you're running, and maybe even what, what the software in the workload
04:02
is. So you do this by using that private identity key that was provisioned within the device. And the device essentially becomes certificate authority for itself. And it can issue credentials for all the workloads around on top of it. If we look at the data flow for remote attestation, this is a bit complicated.
04:26
And it's useful to think of the arrows not as physical communication paths, but as logical data flows, essentially. And the components that we care mostly about here are the attester and the relying party.
04:40
So authentication happens between these two, and it's the attester that wants to authenticate themselves using some sort of remote attestation. And as you can see from the diagram, they're not actually connected in the data flow. There's another component there called a verifier, which takes the attestation evidence, produces attestation results that the relying party can then understand and trust.
05:06
And the verifier also has above in the diagram, a sort of supply chain, and in particular, the endorser and the reference value providers, they issue, essentially they provision the attester with its software, the boot time software, for example, and its identity key.
05:25
And then with this information about the attester, they can go ahead and talk to the verifier and make sure that the verifier trusts the device. So when the verifier tries to appraise the evidence, it understands it and trusts it
05:40
and then can produce valid attestation results. Switching on to TLS, so the transport layer security, a pretty ubiquitous security protocol. It's used everywhere from HTTPS to lightweight M2M to provide secure channels of communication.
06:01
And these secure channels essentially follow a handshake protocol where the peers authenticate each other. And what usually happens with remote attestation is that you establish a security channel, the secure channel, and you do remote attestation on top of that. As we're trying to integrate remote attestation directly into TLS to make it more efficient
06:22
and also to limit the attack surface that an attacker might see. If we look at TLS 1.3, the handshake in particular, and how we want to integrate with it. So the handshake starts with the client sending over a client hello, a key share, and in that
06:40
client hello, a bunch of extensions and other things for the server to act upon. Then the server sends its, for example, any chosen cipher suit or any other responses to the extensions that the client sends, has its own key share, and then it authenticates
07:00
itself using a certificate message and the certificate verifier and ends with a finish. And then the client can go ahead and authenticate itself using a certificate message and a certificate verifier, and it finishes the handshake with a finish message. After that, you have a secure data channel between the two peers.
07:22
It's important to note for privacy reasons mostly that from the second flight onwards, most of those messages are actually encrypted. For example, the certificate verifier is encrypted using session keys. In terms of what we care about, it's the extensions mostly, because those are used to negotiate,
07:43
negotiate a type of credentials that, for example, the relying party might care about, and also to send across any freshness that is required to issue the attestation evidence. And also, we care about the certificate message, because that's obviously where we're going to carry the attestation credentials.
08:03
Just to state our goals, our high-level goals, obviously we want to enhance authentication in TLS to support your model attestation. We want to support as many platforms as possible, from very beefy cloud servers to small IoT
08:21
devices. And we want to support the most common deployment patterns, so for example, we want to allow both client and server to authenticate, or potentially both. We want to allow existing deployments that use PKI to also use remote attestation within the same handshake just to enhance the security, so there's a whole lot of variance there.
08:44
In terms of security and privacy, we're planning to formally verify the extensions that we're creating, and we're working quite meticulously to try to prevent any potential attacks. For example, relay attacks, where taking a credential from some victim platform, and
09:01
you're trying to pawn that off as your own. Then in terms of privacy, fortunately, attestation does reveal quite a lot of metadata, and this can be both privacy and security relevant, and the best we can do is to mitigate some
09:22
of these by allowing the relying party to choose what kind of attestation scheme or attestation results it gets. So you can get, for example, specially crafted attestation results that have blinded or redacted some of the metadata, or schemes like direct anonymous attestation that provides some sort
09:41
of privacy. Moving on to the practice, so looking at our prototype. The big picture here is that we're trying to produce an end-to-end prototype of the system, so we're trying to implement everything from the root of trust all the way to the verifier, and we're sort of limiting this because our drafts and our theoretical work
10:04
is quite broad and allows a lot of deployment patterns, so we're limiting this to, for example, a background check model that I'll talk about in a bit, and the TPM 2.0 as a root of trust. And obviously we're open-sourcing the entire stack, also because these components that
10:24
we're using are already open-source software, part of, for example, the Cloud Native Computing Foundation or the Confidential Computing Consortium, and it's actually under the Confidential Computing Consortium attestation special interest group that our work is harbored.
10:41
Going back, actually, to the remote attestation diagram, architecture diagram, you can see here a simplified version of that, so on the bottom you can see an attester with an existing root of trust, and the attester wants to communicate with their relying party to authenticate it,
11:00
and the relying party will then send the attestation evidence over to the verifier for verification. So this is what is called, what we call background check model, because the relying party is doing background check on the evidence provided by the attester, and in our case, if we put a bit more flesh onto this diagram, you can see that, in our case, the attester will be
11:24
a client in a TLS handshake, and the relying party will be the server, and the TLS stack that we're using is embedTLS, and the client will essentially send attestation evidence produced by the client's root of trust, and embedTLS on the client side will communicate
11:46
with the root of trust, not directly, but through Parsec, which is one of the projects that we've been developing, and on the server side, you have embedTLS, again, communicating with the verifier, which is, in our case, composed using the veraison. So now let's have a look at all of these components independently.
12:04
So Parsec. What is Parsec? Parsec is a platform abstraction for security, so if you write, you try to write an application in Java or Python or Go, you might want to use some sort of cryptographic hardware backing, so for example, a discrete EPM, or some trusted services running in TrustZone, and you want
12:23
to use these in a more generic way, and this is what Parsec is doing, it's presenting a high-level interface that you can use to provision, and Parsec, in particular, has this sort of identity key as a core use case that it works with, so it tries to allow you
12:44
to create an identity for your workload, and to use it, for example, to sign TLS handshakes. And Parsec is also quite modular, so it's really easy to implement backends for other types of hardware backends that you might want to support.
13:03
Moving on to the other end, so we have veraison, which is a set of components that can be used to build an attestation verification service. So again, veraison is pretty abstract, it has a bunch of components, for example, for appraising different types of attestation schemes, has components for building, for
13:21
example, APIs for evidence provisioning, or for endorsement provisioning for verification APIs, so in this diagram here, some factories is creating a device, and then producing the endorsement data that it then feeds to veraison, and when the device tries to connect to an
13:43
application service, that application service can again go to veraison to verify those credentials. In terms of what the work that we had to do to make this prototype work across the stack, so Parsec, as I've said, works mostly with cryptographic keys, however, at the moment,
14:06
we don't have, we didn't have a very generic key attestation API, and this is something that we had to build to produce those attestation tokens, or attestation evidence. Parsec also needs to have configuration to allow it to essentially provision its own
14:24
identity, so an attesting key that it can use to sign attestation credentials, and also ways to, for example, select the TPMPCRs that you want to include in the attestation tokens, for example, to select whether you want to send information about your firmware, or about
14:41
your bootloader, or about your operating system kernel. And we also have a new API to produce endorsements that are then fed to veraison for endorsements, so veraison can then trust the key attestation tokens. On the veraison side, again, we have to add
15:04
support for the precise attestation scheme that we're using, and essentially we had to build two new plugins, so one to understand the evidence that we're producing through Parsec, and one to understand the endorsements. So what essentially we're doing here is we
15:23
have two components, and we're trying to make them agnostic of whatever is transporting evidence and endorsements between them, which in our case is actually a bad TLS. So the TLS implementation that we're using, the TLS, is implementation of TLS and the TLS, and
15:42
the reason why, it's actually multiple reasons why we're using it, so one of them is because it offers this PSA crypto API, which Parsec hooks into as per our design, since we created it in sync with the PSA crypto API. It also has a small code footprint, so it's more suitable
16:03
for IoT and edge use cases, like the one that I described earlier, and also we had already expertise working with embed TLS, so it was easier for us to work with it. So the open source ecosystem around our projects, and this is something that has been quite important for
16:20
me in the past years while I've been working on Parsec, realizing that open source is more than just some checkbox that we want to take, and that's it. It's more about the continuous involvement in the community and trying to pool the expertise and the work required to
16:40
create some components that we can reuse across all of our stacks. And, yeah, this is the reason why we've been seeding projects into CNCF and CCC, because we're trying to create these communities around our projects and to create the ecosystems around our use cases.
17:02
So if we look at the Rust ecosystem in particular, for example, because the Parsec service is written in Rust, we've released a number of crates relevant to handling roots of trust. So, for example, we've released the TSA API crate that helps with interacting natively
17:21
with TPMs. We've released the Cryptokey crate, which is essentially a successor to the PKCS11 crate that was abandoned some time ago. And we have the PSA Cryptocrate that allows native interaction with PSA cryptography API. And it's actually been quite a nice experience
17:42
to see the communities around these projects grow and have more developers from various projects, some of which have actually presented today, getting involved and helping us build this ecosystem. Yeah, the more important goal for us, at least, is not just to make these particular backends
18:02
easy to use in Rust, but perhaps even to make them easy to use in an abstract way. So instead of having to integrate with TPMs or PKCS11 individually, what if we could integrate with all of them via Parsec directly?
18:20
On the Go ecosystem side, we also have a bunch of packages that we've released. A notable one is GoCozy, which I believe was initially developed by Mozilla and abandoned. But then our Verizon team took it over, gave it a good dusting, and then released it. And now
18:40
it's, I think it's used quite widely, for example, by Notary and Sixtor. And we also have a bunch of other packages relevant to remote attestation verification, like Swede or Quorum. And yeah, this brings me to my main selling point here, is that we're trying to essentially
19:00
build an ecosystem where attestation can just be used as a plugin for authentication. So whether you integrate it within the authentication step of a TLS stack, or perhaps you want to switch that to some sort of quick stack, or maybe you want to even have some sort of bespoke authentication server and workload trying to authenticate to it, we're trying to make
19:22
it easy to use remote attestation by making Parsec and Verizon interact so easily, so you can just plug those components in and hopefully get attestation right as it walks. So just to wrap up here, we think that remote attestation is indeed a viable authentication
19:44
mechanism in TLS and perhaps in other protocols as well in the future. Our design, both in terms of theoretical design, so the drafts, the TLS extensions try to be as flexible and secure as possible, but also the prototype that we're building, we're trying to make it quite flexible as well. And we want to refine all of our drafts and all of the things that
20:05
we're trying to define with other people across the industry, trying to create an end-to-end prototype that represents all of this theoretical work. And yeah, we're hoping that the prototype will serve as a model for integrating remote attestation not just into specific
20:22
protocols but more widely. So yeah, questions? So any questions from the room? I see a hand.
20:46
Yeah, thank you. You mentioned you're working under CNCF and CCCF. Have you also considered the open source firmware foundation? The open source? Open source firmware foundation. No, not really all. I mean, neither of these, neither of Parsec or Verizon are really
21:03
firmware level components. Right. So yeah, we're essentially doing very similar stuff, but doing the full flow, like starting from the very first code running on your platform, like in the firmware, we should get in touch. Thank you. Perfect.
21:22
Hey, thanks for the talk. I was kind of curious how big the impact is on like round trip times in TLS if you have like secure enclave or TPM involved in like the initial handshake, like how does that, do you see any problems in practice putting that in scale, at scale or?
21:40
We've not really gotten to the point where we can properly test end-to-end in terms of actually going to hardware and talking to hardware. So we're mostly doing with like software TPMs and stuff like that. So just to integrate, we still have some integration work to do there. But yeah, we're definitely going to benchmark that and see how it impacts. But it obviously depends on the hardware because if we do that on some server, you know,
22:03
some cloud server, that's going to be quite different from doing it on an IoT device that has a TPM or something like that. Okay, do we have some other questions? Anyone? If not, thank you for your talk. Thanks.