Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore the standardization efforts for attested TLS protocols in confidential computing through this 31-minute conference talk from the Linux Plumbers Conference. Learn about the formation of the new IETF Working Group named Secure Evidence and Attestation Transport (SEAT) and discover updates to standardization work since the previous year's discussions. Examine three distinct approaches for integrating remote attestation into TLS: pre-handshake attestation, intra-handshake attestation, and post-handshake attestation, with detailed analysis of their respective security vulnerabilities including replay, relay, and diversion attacks. Understand how formal verification using ProVerif provides symbolic security analysis for security-critical applications, and review findings that demonstrate post-handshake attestation offers superior security properties despite slightly higher latency. Gain insights into the collaborative project involving industry partners including Arm, Linaro, Siemens, Huawei, Intuit, Axis, Bonn-Rhein-Sieg University of Applied Sciences, and Barkhausen Institut. Discover how attested TLS protocols can enhance Transport Layer Security by adding mechanisms for validating the security state of workloads and their platforms, ultimately providing more robust security guarantees for confidential computing applications.
