Difference between revisions of "Attestation"
From MgmtWiki
| Line 4: | Line 4: | ||
==Context== | ==Context== | ||
A [[Remote Attestation]] Service was proposed as a service that would accept statements from a [[TPM]] to verify that the code running on the computer was that approved by the manufacturer. | A [[Remote Attestation]] Service was proposed as a service that would accept statements from a [[TPM]] to verify that the code running on the computer was that approved by the manufacturer. | ||
| − | |||
| − | |||
| − | |||
==Solutions== | ==Solutions== | ||
* [https://developer.android.com/training/articles/security-key-attestation Verifying hardware-backed key pairs with Key Attestation] in Android for [[Smartphone]]s.<blockquote>Key Attestation gives you more confidence that the keys you use in your app are stored in a device's hardware-backed keystore. The link describes how to verify the properties of hardware-backed keys and how to interpret the schema of the attestation certificate's extension data. </blockquote> | * [https://developer.android.com/training/articles/security-key-attestation Verifying hardware-backed key pairs with Key Attestation] in Android for [[Smartphone]]s.<blockquote>Key Attestation gives you more confidence that the keys you use in your app are stored in a device's hardware-backed keystore. The link describes how to verify the properties of hardware-backed keys and how to interpret the schema of the attestation certificate's extension data. </blockquote> | ||
* [https://developer.apple.com/documentation/devicecheck/dcappattestservice/3573911-attestkey attestKey(_:clientDataHash:completionHandler:)] Asks Apple to attest to the validity of a generated cryptographic key. | * [https://developer.apple.com/documentation/devicecheck/dcappattestservice/3573911-attestkey attestKey(_:clientDataHash:completionHandler:)] Asks Apple to attest to the validity of a generated cryptographic key. | ||
| + | |||
| + | ==References== | ||
| + | * See wiki page [[Attested]] for details of an [[Attestation]]. | ||
| + | * See wiki page [[Hardware-Enabled Security]] | ||
[[Category: Attestation]] | [[Category: Attestation]] | ||
[[Category: Assurance]] | [[Category: Assurance]] | ||
| + | [[Category: Hardware]] | ||
Revision as of 08:45, 23 February 2023
Full Title or Meme
Attestation in computing devices typically means a statement from a Trust Authority about the security of statements made by some other computing device.
Context
A Remote Attestation Service was proposed as a service that would accept statements from a TPM to verify that the code running on the computer was that approved by the manufacturer.
Solutions
- Verifying hardware-backed key pairs with Key Attestation in Android for Smartphones.
Key Attestation gives you more confidence that the keys you use in your app are stored in a device's hardware-backed keystore. The link describes how to verify the properties of hardware-backed keys and how to interpret the schema of the attestation certificate's extension data.
- attestKey(_:clientDataHash:completionHandler:) Asks Apple to attest to the validity of a generated cryptographic key.
References
- See wiki page Attested for details of an Attestation.
- See wiki page Hardware-Enabled Security
