Trusted computing and systems

We can use hardware to make systems more secure; however, adding extra hardware is costly and can make the system inflexible. Since security is an evolving problem – where attackers compete to find flaws and vulnerabilities in defensive mechanisms – inflexibility can be a real issue. We are working to design security mechanisms that provide some flexibility and can still be cheaply implemented in hardware.


TimeTrust (Robust Timing via Hardware Roots of Trust and Non-standard Hardware)

In our TimeTrust project, we are using and building on the cryptographic functionalities of hardware roots of trust, such as Trusted Platform Modules, to create more secure real-life protocols, including contactless payments and timing/distance-dependent authentication.

For instance, in contactless payments, fraud can take the form of payments made when the payee and payment terminal are not in proximity. This project examines these issues and proposes solutions based on hardware roots of trust, accompanied by formal treatments of security and practical assessments. The TimeTrust solutions are designed to be easy to re-deploy in existing infrastructures, and developed in collaboration with major players in the electronic-payment market.
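To make the proximity problem concrete, the following is an added illustration (not TimeTrust's or any partner's code) of a timing/distance-bounded challenge-response check: the terminal sends a fresh nonce, the card returns a keyed MAC over it, and the terminal accepts only if the MAC verifies and the observed round-trip time stays under a bound derived from the maximum allowed distance plus the card's known processing time. The shared key, processing time, slack and all timings are constructed values, and the card model is hypothetical; the check itself is what makes a session that has been forwarded through an extra hop fail as "too-slow" even though its MAC is valid.

```python
"""Added example: a distance-bounded challenge-response proximity check.
Not TimeTrust's design; key, timings and the Card model are constructed."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass

# Radio propagation speed, roughly 0.3 m per nanosecond in free space.
SPEED_OF_LIGHT_M_PER_NS = 0.2998


@dataclass
class Card:
    key: bytes            # symmetric key shared with the verifier (hypothetical)
    processing_ns: float  # time the card needs to compute its response (constructed)

    def respond(self, challenge: bytes) -> bytes:
        """Authenticated response: HMAC-SHA256 over the terminal's nonce."""
        return hmac.new(self.key, challenge, hashlib.sha256).digest()


def rtt_bound_ns(max_distance_m: float, card_processing_ns: float, slack_ns: float) -> float:
    """Largest acceptable round trip: radio out and back, card compute, jitter slack.

    The card's processing time must itself be trustworthy for the bound to mean
    anything, which is where a hardware root of trust on the card side fits in.
    """
    return 2 * max_distance_m / SPEED_OF_LIGHT_M_PER_NS + card_processing_ns + slack_ns


def verify(key: bytes, challenge: bytes, response: bytes,
           observed_rtt_ns: float, bound_ns: float) -> tuple[bool, str]:
    """Accept only an authentic response that arrived within the timing bound."""
    expected = hmac.new(key, challenge, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, response):
        return False, "bad-response"
    if observed_rtt_ns > bound_ns:
        return False, "too-slow"
    return True, "ok"


def simulate(card: Card, distance_m: float, extra_hop_ns: float,
             bound_ns: float) -> tuple[bool, str]:
    """Model one tap. extra_hop_ns is constructed forwarding latency added by
    any intermediary between terminal and card (0 for a direct tap)."""
    challenge = secrets.token_bytes(16)          # fresh nonce per transaction
    response = card.respond(challenge)
    observed = (2 * distance_m / SPEED_OF_LIGHT_M_PER_NS
                + card.processing_ns + extra_hop_ns)
    return verify(card.key, challenge, response, observed, bound_ns)


if __name__ == "__main__":
    card = Card(key=b"constructed-demo-key-0000000000", processing_ns=1000.0)
    bound = rtt_bound_ns(max_distance_m=0.10, card_processing_ns=1000.0, slack_ns=50.0)
    print("direct tap at 4 cm:", simulate(card, 0.04, 0.0, bound))
    print("forwarded via 20 us hop:", simulate(card, 0.04, 20_000.0, bound))
```

Note that for a 10 cm limit the radio leg contributes well under a nanosecond, so the bound is dominated by the card's processing time and the slack; an untrusted or variable processing time would let the slack absorb forwarding latency, which is why the timing component has to be anchored in hardware the verifier can trust.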

In the same area, a GCHQ-funded PhD studentship is currently being undertaken to investigate the cryptographic design and provable security of contactless Europay, Mastercard and Visa (EMV) payment systems.

ASTRID (AddreSsing ThReats for virtualIseD services)

Cloud-based services often follow the same logical structure as private networks, but the lack of physical boundaries and the dependence on a third party’s infrastructural security mechanisms often undermine confidence in the overall security level of virtualised applications.

Prompted by this growing trend, the ASTRID project aims to build situational awareness for virtualised services to facilitate the detection of sophisticated cyber-attacks and prompt an automated response. This would effectively shift the responsibility for security, privacy and trustworthiness from developers or end users to service providers. It would foster the transition to novel microservices architectures that can support unified access and encryption management, correlation of events and information among different services/applications, and legal interception and forensics investigation.

In this project, the focus is on detecting vulnerabilities and threats in individual applications as well as across the entire service graph, and also establishing trusted microservices. The novelty lies in decoupling detection algorithms from monitoring and inspection tasks, seeking better integration with virtualisation frameworks.

  • Budget: €3m
  • Funding body: EU H2020
  • Centre lead: Dr Mark Manulis
  • Co-investigator: Professor Steve Schneider
  • Partners: Ericsson, Consorzio Nazionale Interuniversitario per le Telecomunicazioni, Infocom, Politecnico di Torino, Technische Universitaet Berlin, Danmarks Tekniske Universitet (DK), Agentscape and Gioumpitek Meleti Schediasmos Ylopoiisi kai Polisi Ergon Pliroforikis Etaireia Periorismenis Efthynis
  • Timeframe: 2018 - 2021.

The growing adoption of cloud technologies and the trend to virtualise applications are inexorably re-shaping the traditional security paradigms, due to the increasing usage of infrastructures outside of the enterprise perimeter and shared with other users.

The need for more agility in software development and maintenance has also fostered the transition to microservices architectures, and the wide adoption of this paradigm has led service developers to protect their applications by including virtualised instances of security appliances in their design. Unfortunately, this often results in security being managed by people without enough skills or specific expertise. Such a design may not be able to cope with threats coming from the virtualisation layer itself (e.g., hypervisor bugs), and it also exposes the security appliances to the same threats as the other application components. It further complicates legal interception and investigation when some applications or services are suspected of illegal activity.

To overcome the above limitations, the ASTRID project aims at shifting the detection and analysis logic outside of the service graph, by leveraging descriptive context models and their usage in ever smarter orchestration logic, hence shifting the responsibility for security, privacy, and trustworthiness from developers or end users to service providers. This approach brings new opportunities for situational awareness in the growing domain of virtualised services: unified access and encryption management, correlation of events and information among different services/applications, support for legal interception and forensics investigation.

ASTRID will develop a common approach that is easily portable to different virtualisation scenarios. In this respect, the technology developed by the project will be validated in two relevant domains, i.e., plain cloud applications and Network Function Virtualisation, which typically exploit rather different chaining and orchestration models.

FUTURE TPM (Future Proofing the Connected World: A Quantum-Resistant Trusted Platform Module)

Under the technical lead of the University of Surrey, a consortium of 15 academic and industry partners from across Europe is researching a Quantum-Resistant (QR) TPM – a hardware chip that is used as a ‘root of trust’ for a computing system.

The aim is to develop QR crypto algorithms that can be used in a new generation of TPM-based solutions to enable security when quantum computers become a reality – which could be as little as 15 years away.

Three use cases are being developed to test the algorithms in sectors where privacy and security are crucial: online banking, activity tracking in healthcare, and device management.

  • Budget: €5m
  • Funding: EU H2020
  • Centre lead: Professor Liqun Chen
  • Co-investigators: Dr Kaitai Liang
  • Consortium partners: TECHNIKON, UBITECH, IBM Research, Infineon Technologies, Suite5 Data Intelligence Solutions, INESC-ID, Huawei Technologies, VIVA Payment Services SA, Royal Holloway, University of London, University of Birmingham, Universite du Luxembourg, University of Piraeus Research Center, Technical University of Denmark
  • Timeframe: 2018 - 2021.

The goal of FutureTPM is to design a Quantum-Resistant (QR) Trusted Platform Module (TPM) by designing and developing QR algorithms suitable for inclusion in a TPM. The algorithm design will be accompanied by implementation and performance evaluation, as well as formal security analysis in the full range of TPM environments, i.e. hardware, software and virtualisation environments. Use cases in online banking, activity tracking and device management will provide environments and applications to validate the FutureTPM framework.

Security, privacy and trust in a computing system are usually achieved using tamper-resistant devices to provide core cryptographic and security functions. The TPM is one such device and provides the system with a root-of-trust and a cryptographic engine. However, to sustain this enhanced system security it is crucial that the crypto functions in the TPM are not merely secure for today but will also remain secure in the long-term against quantum attacks.

FutureTPM will address this challenge by providing robust and provably secure QR algorithms for a new generation of TPMs. Research on quantum computers has drawn enormous attention from governments and industry; if, as predicted, a large-scale quantum computer becomes a reality within the next 15 years, existing public-key algorithms will be open to attack. Any significant change to a TPM takes time and requires theoretical and practical research before adoption. Therefore, to ensure a smooth transition to QR cryptography we should start now. A key strategic objective of FutureTPM is to contribute to standardisation efforts at EU level within TCG, ISO/IEC and ETSI. The consortium consists of high-calibre industrial and academic partners from across Europe, combining QR crypto researchers with TPM developers. Because the TPM shares many functions in common with other widely used devices, such as HSMs and TEEs, the FutureTPM solution is expected to benefit them as well.