Remote Attestation with Keylime

CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.

Identifiers

10.5446/61964 (DOI)

Publisher

FOSDEM VZW

Release Date

2023

Language

English

Content Metadata

Subject Area

Computer Science

Genre

Conference/Talk

Abstract

In various scenarios, it is necessary to attest the integrity of a remote machine, making sure that the system was booted securely, essential files were not modified and that only allowed software is executed. For this purpose, we present Keylime as a remote attestation solution. It leverages the trust from the Trusted Platform Module (TPM) in combination with UEFI Measured Boot and the Linux Kernel Integrity Measurement Architecture (IMA) which are probably available on your system today. We will present how Keylime works and real world applications for remote attestation.