FutureTPM - Future Proofing the Connected World: A Quantum-Resistant Trusted Platform Module

Date: 
01/01/2018 to 31/12/2018

Introduction

FutureTPM will provide a new generation of TPM-based solutions, incorporating robust and formally verified QR cryptographic primitives.
The goal is to enable a smooth transition from current TPM environments, based on existing standardised cryptographic techniques, to systems providing enhanced security through QR cryptographic functions, including secure authentication, encryption and signing functions.

FutureTPM will fill the gaps that currently threaten its long-term security and will generate a secure root of trust that can be used for interacting with Cloud services, accessing corporate services, performing eCommerce transactions, along with a wide range of other services. Furthermore, since the TPM shares many functions with other widely deployed devices such as smart cards, the FutureTPM solutions will also benefit their applications.

Who is the project designed for?

The FutureTPM project is aimed at designing and developing a Quantum-Resistant (QR) Trusted Platform Module (TPM). FutureTPM will provide a new generation of TPM-based solutions, including hardware, software and virtualization environments, by incorporating robust and physically secured Quantum-Resistant cryptographic primitives. This will allow long-term security, privacy and operational assurance for future ICT systems and services.

FutureTPM solutions will also improve the security of Hardware Security Modules, Trusted Execution Environments, Smart Cards, and the Internet of Things. FutureTPM focuses on, but is not limited to TPMs. Hosted under the umbrella of secure hardware, and taking as granted the fact that in the very near future nearly all devices (and software modules) will need to incorporate secure hardware (and software) modules, the innovation capacity of the project outcomes extends to a vast plethora of market segments indicatively including ECUs in the automotive industry, network devices and mobile phones in the telecommunications sector, smart sensors in the smart cities domain etc. Other examples include Intelligent Transportation Systems, eHealth, Industry 4.0, Digital Media and Content protection, etc.

How is your project benefitting the end-user?

FutureTPM aims to prove and validate the applicability, usability and effectiveness of the QR TPM concepts, models and algorithms in real-world settings, including industry and commerce, which may be affected by the advent of quantum computing.

By delivering a holistic approach safeguarding strong and solid implementation of cryptographic protocols, securing hardware and software against current but also future threats, FutureTPM will facilitate increased trust in many existing and forthcoming applications and systems including e-banking, e-wallets, access control, activity tracking, IoT devices, industrial controls, sensors, smart home appliances, smart phones, secure storage, biometric authentication, anonymous access, etc. Furthermore, FutureTPM will deliver future-proof, QR cryptographic algorithms, safeguarding the fundamental rights of user's privacy and data protection.

This will be achieved by examining their application to the following predefined set of use cases:

  • Online banking: To isolate the e-payment process in a more protected context so as to provide enhanced security levels against unintentional data leakage and malicious apps
  • Activity tracking: To increase the trust of users of cloud-based activity tracking services in the security and privacy properties of their stored and utilised data
  • Device management: To help protect private keys stored on routers, mobile devices, and IoT devices against advanced adversarial models.

Please briefly describe the results your project achieved so far

The FutureTPM project started in January 2018. After the kick-off meeting on 23rd-24th January in Graz, Austria the consortium started working on FutureTPM System Requirements and the Use Cases.
The focus has been on:

  1. identifying technical, functional and security requirements and properties of a QR tamper-resistant TPM,
  2. refining the requirements and properties specific to the three types of TPM environment, namely software-based, hardware-based and virtualization environment, and
  3. applying the requirements and properties to the FutureTPM use cases.

In conjunction with research partners, the use case partners have made progress in shaping their use case requirements from narrative user stories into technical requirements. In addition to that the consortium started to individuate possible quantum-resistant constructions for the TPM, and the possible security scenarios depending on the computational capabilities of the adversary (i.e., whether the adversary has access to a quantum computer).
FutureTPM already build up cooperation with the H2020 PROMETHEUS project, plans for common dissemination activities and transfer of knowledge were made.

What are the next steps for your project?

After finalizing the envisioned use case requirements, FutureTPM will design an overall architecture to define multiple components which meet these requirements and also define the intercommunication among these components in order to address all the requirements in an integrated manner. Furthermore, the FutureTPM consortium will keep on investigating the QR cryptographic primitives and algorithms for use.

This will be coupled with an in-depth (formal) security analysis of the chosen algorithms, in the context of advanced trust, threat and adversary models. The development of a reactive risk-assessment framework, to ensure security in the face of emerging threats, will also commence.

 

 

News

Project of the Week - HERMENEUT

Cyberwatching.eu Project of the Week: HERMENEUT

Enterprises Intangible Risk Management via Economic Models based on Simulation of Modern Cyber Attacks

A Dynamic Solution for Intangible Assets

 

Project Hermeneut is a Horizon 2020 research and innovation project focusing on the economic aspects of cybersecurity, specially regarding intangible assets. It started in May 2017 and with a duration of 24 months it’s now approaching its end.

Future Events

ICDS 2019, The Thirteenth International Conference on Digital Society and eGovernments
21/02/2019 to 28/02/2019
Image:

From February 24th to the 28th, 2097, the ICDS 2019, The Thirteenth International Conference on Digital Society and eGovernments will be host in Athens, Greece.

The event will focus on state-of-the-art public services, e-government services in the context of digital society, Internet and web services, digital intelligence, networking and telecommunications, e-commerce, e-business and other areas.

Global Cyber Security Summit
27/02/2019
Image:

Global Cyber Security Summit

Developing a Robust Cyber Defense Strategy

Please Note: This program is under Chatham House Rule