Insight series: What is device attestation?
By Jeremy O'Donoghue, Chair of GlobalPlatform’s Trusted Platform Services (TPS) Committee
As an organization that is founded on the expertise and insights of our members, we have taken the opportunity to discuss some of the new and emerging technologies shaping our industries, and how GlobalPlatform is working to define standards that enable digital devices and services to be securely brought to market.
In this interview, Jeremy O’Donoghue, Chair of GlobalPlatform’s Trusted Platform Services (TPS) Committee and Director of Engineering at Qualcomm, explains what attestation is and why it is so important for the success of secure IoT deployments. Jeremy also shares insight into GlobalPlatform’s Entity Attestation API specification and how it will bring greater trust to the connected device ecosystem.
GlobalPlatform: Firstly, what is device attestation?
Jeremy O’Donoghue: The basic idea of attestation is that it is trustworthy evidence or proof about something. In the case of a cybersecurity system, for example, it means that a relying party like a bank or an IoT cloud provider can be confident about what it is that they are receiving from a device.
Digging deeper into that, what we really mean by attestation is that we have a Secure Environment – a Root of Trust – that is providing cryptographically signed evidence about the state of the device. For example, is it securely booted, is debug enabled, is there any evidence of tampering? This enables the relying party, because it is cryptographically signed, to verify that it is a particular device from a particular manufacturer, and that it has not been tampered with before it is connected to the network
GlobalPlatform: Why is attestation important for the success of IoT deployments?
Jeremy O’Donoghue: One of the big challenges of the IoT has been achieving confidence in the growing number of ‘things’ that are now connecting to our networks. Are they really what they say they are? Will they behave as they should and not cause risks to the network? And we have seen security be a real problem. Attestation helps us to find those devices that have been tampered with, or may have a bad or outdated version of software running on them, or even be outright fakes, to be identified. These are the types of things that you can determine.
By having confidence in the things on your network, backed by a RoT and ideally one that is security certified, you begin to make real and accurate assessments about what it is that you have and how much you can trust it.
GlobalPlatform: Are there any interoperability challenges and are they limiting adoption?
Jeremy O’Donoghue: Today it is very difficult to do trustworthy attestations, and in practice relying parties have to use some sort of proprietary set of metrics to identify information about the device they are talking to. There is ongoing activity among standards bodies to ensure a single and interoperable base standard, so that relying parties and device manufacturers can be confident that what they are developing is likely to be widely used and interoperable.
GlobalPlatform is particularly well positioned to help because, with our compliance programs and with all our interoperability testing schemes, we’re able to create devices that you can be confident will have a high degree of interoperability. Additionally, and what is crucial, is that the whole attestation framework that we are using is already being broadly standardized at the IETF, and there is growing interest from other groups. We are confident that, in time, interoperability challenges will go away and there will be a single and reliable way of determining trustworthy evidence about a device that, because it is backed by a RoT, has genuine confidence behind it.
GlobalPlatform: What is the value of GlobalPlatform’s Entity Attestation API?
Jeremy O’Donoghue: The value really is several fold. We are taking an openly developed standard – that is the Entity Attestation Token (EAT) work from the IETF – and we are extending it to define EAT that has been produced in a GlobalPlatform RoT. Going one step further, we’re defining how that RoT behaves and covering the security certification of it. This would enable trustworthy attestation, and not only one from a Secure Element (SE) or Trusted Execution Environment (TEE), but one from a RoT that has been independently certified, for example, under the GlobalPlatform TEE security certification or Common Criteria. That is a huge value because it brings the ability to know in a trustworthy way that somebody else has audited that RoT.
GlobalPlatform: What are the next steps for the ecosystem?
Jeremy O’Donoghue: The first thing is to finish the specifications and then start early on with the interoperability testing, which we are planning for 2020. Then, and this is the critical factor, we will look at security certification. As I previously discussed, a RoT by its nature is something that you have to trust. The best way to ensure that trust is to get a third party to audit it, for example an independent security laboratory that knows how to break things and can tell you the real level of security that you must have.