Skip to content

Latest commit

 

History

History
131 lines (126 loc) · 6.37 KB

README.md

File metadata and controls

131 lines (126 loc) · 6.37 KB
Raw

RACD-Details

We describe the folders (example, include and src) and files at a high level to give a broad understanding based on the tree structure:

racd-protocol
├── certcommands  
├── docker
│   ├── build.sh
│   ├── docker-image.config
│   └── run.sh
├── Dockerfile
├── example
│   ├── CN=192.168.1.199, O=Verifier, C=DE
│   ├── CN=localhost, O=Verifier, C=DE
│   ├── example.sh
│   ├── my_ca_192-2.crt
│   ├── my_ca_localhost.crt
│   ├── programs100.cbor
│   ├── programs150.cbor
│   ├── programs200.cbor
│   ├── programs250.cbor
│   ├── programs50.cbor
│   ├── prover_192-2.crt
│   ├── prover_192.crt
│   ├── prover_key.key
│   ├── prover_localhost.crt
│   ├── response.cbor
│   ├── selected.cbor
│   ├── swSelection.cbor
│   ├── verifier_100.h
│   ├── verifier_192-2.crt
│   ├── verifier_192.crt
│   ├── verifier.h
│   ├── verifier_key.key
│   └── verifier_localhost.crt
├── include
│   ├── core
│   │   ├── communication
│   │   │   ├── attestphase.h
│   │   │   └── events.h
│   │   ├── dto
│   │   │   ├── ppra_dto.h
│   │   │   └── ppra_dto_message_encdec.h
│   │   ├── hash
│   │   │   ├── hash_sig_verify.h
│   │   │   └── templatehash.h
│   │   ├── nizk
│   │   │   └── nizk.h
│   │   ├── prover
│   │   │   └── prover.h
│   │   ├── tpm2_charra
│   │   │   ├── charra_helper.h
│   │   │   ├── charra_key_mgr.h
│   │   │   └── charra_util.h
│   │   └── verifier
│   │       └── verifier.h
│   ├── evaluation
│   │   └── duration.h
│   └── util
│       ├── buftohex.h
│       ├── cbor_help.h
│       ├── clock-profiling.h
│       ├── fileIO.h
│       ├── nonce.h
│       └── tpm2_util.h
├── Makefile
├── Makefileclient
├── Makefile_generator
├── Makefileserver
└── src
    ├── core
    │   ├── communication
    │   │   ├── attestphase.c
    │   │   └── events.c
    │   ├── dto
    │   │   └── ppra_dto_message_encdec.c
    │   ├── hash
    │   │   ├── hash_sig_verify.c
    │   │   └── templatehash.c
    │   ├── nizk
    │   │   └── nizk.c
    │   ├── prover
    │   │   └── prover.c
    │   ├── tpm2_charra
    │   │   ├── charra_helper.c
    │   │   ├── charra_key_mgr.c
    │   │   └── charra_util.c
    │   └── verifier
    │       └── verifier.c
    ├── evaluation
    │   ├── duration.c
    │   └── evaluation.c
    ├── generator.c
    └── util
        ├── buftohex.c
        ├── cbor_help.c
        ├── clock-profiling.c
        ├── fileIO.c
        ├── nonce.c
        └── tpm2_util.c

In the root folder we provide make files, where the MakeFileclient generates the executable of the verifier (partial verifier) and the Makefileserver generates the executable of the attester. The Makefilegenertor generates the cbor file examples in the example folder.

Example Folder

Files Content
CN=IP-Adress,O=Verifier,C=DE These files are the self-signed Certificate Authority for a given IP-address. We generated three example files one for localhost and two for different IP-adresses.
example.sh The example.sh file contains the commands of executing the attester and verifier with pre-configured parameters.
*.crt The crt files are the generated certificates for the attester and verifier based on the generated CA.
*.cbor The cbor files contain the data generated by the generator.c such as the file paths and the template hashes. These files are used for the measured boot and for the constrained disclosure for the partial verifier (see Figure 4 in our paper).
*.key The *.key files are from the attester and verifier to create an authenticated session during the remote attestation.

Include and Src Folder

In the include folder, we provide the header files with the function signature. However, the implementation of the functions is in the src folder. The src/core folder contains the major parts of the racd-protocol.

Files Content
prover/prover.c The prover folder contains the code of the attester which creates with mbedTLS a socket and waits for the verifier to connect.
verifier/verifier.c The verifier folder contains the code of the partial verifier which creates with mbedTLS a socket and connects to the attester.
tpm2_charra/* In this project we integrated functions from CHARRA to execute certain functions on the TPM, such as creating a key.
hash/templatehash.c In this file we implement the template hash as described in Section 5.1 in our paper.
hash/hash_sig_verify.c This file provides the functions for generating sha256 hashes, verifying the signature, and converting the RSA public from the TPM into the mbedTLS format.
nizk/nizk.c The nizk.c contains the implementation of Algorithm 1 and Algorithm 2 as stated in our paper. The implementation uses the libsodium library where we use the ristretto255 to generate the NIZK proof (https://ristretto.group/ristretto.html).
dto/* This folder contains only the encoding of the data transfer objects based on the QCBOR library.
communication/attestphase.c Here we implement the functions necessary to do the measured boot, requesting the attestation and providing the attestation response. This file is the core file of the entire project, where information from TPM is retrieved through TSS API.
communication/events.c This file describes the encoding and the decoding of events objects.
util/* The util folder contains programs to generate the nonce, reading files, and helper functions.
evaluation/* This folder contains functions to measure the CPU cycle of our protocol and the execution time.