Results of 1st period

Summary of the context and overall objectives of the project

The vision of FutureTPM is to provide a new generation of TPM-based solutions, incorporating robust and physically secure Quantum-Resistant (QR) cryptographic primitives, to ensure long-term security, privacy and operational assurance in the complex domain of future ICT systems and services. The goal is to enable a smooth transition from current TPM environments, based on traditional cryptography, to systems providing enhanced security through QR cryptographic functions, including secure authentication, encryption and signing functions, thus, turning the host device into a “hardened” security token that may also remain secure long-term against an enhanced threat landscape in quantum computing deployments. By selecting current state-of-the-art QR algorithms (and designing new schemes) for primitives like Key Management, Encryption, Signatures, Hash-Functions, Message Authentication Codes (MACs) and Direct Anonymous Attestation (DAA), FutureTPM will fill the perceived gaps in the current status of cybersecurity. This will enable the system to generate a secure root of trust that can be used for e.g., interacting with cloud services, accessing corporate services and performing banking and eCommerce transactions. For each primitive, detailed attention will be paid to investigate a security threat model, to formalise security properties and to provide formal proofs. This architecture will also be enhanced with detailed threat modelling and risk assessment (both during design- and run-time) functionalities so as to provide a holistic TPM-backed solution capturing the strict security and privacy requirements of all deployed edge and infrastructure assets considered in various application domains. Accompanying with the QR TPM design and implementation, the FutureTPM project will demonstrate three use cases (namely ePayment, Activity Tracking and Device Management), which will be used to validate the feasibility and performance of the FutureTPM solution in these three selected real-world systems that may be affected by the advent of quantum computing as a threat to security.

Work performed from the beginning of the project to the end of the period covered by the report and main results achieved so far

In the FutureTPM project, we have investigated technical and security, privacy and operational assurance requirements for the new generation of the TPM-based solutions that are secure against the future large-scale quantum computer attacks. We have also conceptualized three industry-driven use cases that will allow the validation of the project research results in real-world scenarios and how the overall FutureTPM solution can serve vertical industry needs. These contributions have been published in the deliverables of WP1.

We have also identified a set of QR cryptographic primitives which could replace all of the classes of crypto algorithms supported by the existing TPM technology. Our selection is based on the state-of-the-art researches in the Post-Quantum Cryptography (PQC) field; for example, several digital signatures, asymmetric encryption and key exchange mechanisms are chosen from the latest round of the NIST PQC standardisation process. This set of selected cryptographic mechanisms will be implemented in one of the three TPM environments; namely SW-, HW- and Virtual-based TPM. The suitability of their inclusion in a future TPM will be further evaluated based on the implementation performance, security analysis and public reviews. This achievement has been reported in the first deliverables of WP2.

In this line of research, the FutureTPM consortium has also designed two lattice-based Direct Anonymous Attestation (DAA) schemes. DAA is an important cryptographic primitive that was originally designed to support user privacy when using a TPM chip. The QR DAA research has not yet been covered by existing standardization efforts. We have implemented one of these two schemes in a software-based TPM environment and we will implement the other DAA variant in the second part of the project. These will then be evaluated considering the feasibility of their inclusion in a future TPM. Both of these two DAA schemes have been published in scientific research papers.

The security modelling and analysis of the existing TPM technology and the QR cryptographic mechanisms have started (WP3) with the initial results been reported in the first two deliverables. In this work, we have discovered some interesting research problems and targets which we will be tackling in the second part of the project.

The FutureTPM threat modelling, risk assessment, and runtime risk assessment are another important part of the project and it has been carried out in WP4. Research has culminated to the development of holistic risk assessment framework capable of providing functionalities during both design-time, where an initial risk graph of all possible threats and risks are identified, and run-time, where the risk graph can be updated in order to achieve the required security, trust and privacy properties in the case of newly identified (e.g., zero-day) vulnerabilities. The current results have been published in the first three deliverables of WP4.

We have implemented several selected QR cryptographic mechanisms (WP5), with some initial evaluation results already been available. More selected mechanisms will be implemented in the second part of the project where a detailed testing will also be conducted in the context of the envisioned use cases. An initial on-boarding of this set of enriched use cases, in the overall FutureTPM framework, has already started, leading to initial outcomes with regards to the validity of TPM-backed solutions to serve vertical industry needs.

Finally, regarding dissemination, awareness, and standardization activities, it is worth noting the great effort of FutureTPM consortium in clustering with other EU security- and privacy-related research project activities (e.g., PROMETHEUS, PAPAYA, and ASTRID) towards improving “cyber security”. For the latter, a number of actions were taken for the promotion of the project results to the trusted computing community and close follow-up of standardization activities (i.e., Trusted Computing Group (TCG), NIST) leading to the validation of the FutureTPM results from a technical and business perspective.

Progress beyond the state of the art and expected potential impact (including the socio-economic impact and the wider societal implications of the project so far)

The FutureTPM project has drawn a lot of attention from the trusted computing community towards increasing the trustworthiness of ICT services and products. Based on the information from the Trusted Computing Group (TCG), more than a billion devices already use the TPM technologies. Virtually all enterprise personal computers, many servers and embedded systems include the TPM. Furthermore, all related TCG technologies, such as self-encrypting drivers and network security specifications have been used by networking equipment and other devices. All of these systems and applications will directly benefit from the research results produced from the FutureTPM project.

Except from trusted computing, this project also has a strong impact on other applications of applied cryptography in general. For any application, which requires long-term security for data protection and user privacy, it can follow the outputted research results and technical guidance from this project to make a smooth transition from today’s cryptographic mechanisms to post-quantum cryptographic solutions. All these solutions will be implemented and heavily tested, thus, enabling the improvement in performance and efficiency of cryptography beyond the state of the art.