A Privacy-Preserving Integrity Measurement Architecture

TCG´s Trusted Platform Modules provide the functionality of remote attestation, which based on the integrity of software components in a specific platform configuration. Integrity Measurement Architecture(IMA) is the accredited remote attestation methods which formulates the integrity measurement process and integrity reporting protocol. However, as a binary attestation, all integrity measurements must be exposed to remote party-verifier. This can disclose the privacy of attesting platform. In this paper, We slightly adapt the Integrity Measurement Architecture (IMA) to provide privacy preserving. System configuration is partitioned into privacy-relevant tasks based on the measurement relationships and dependency relationships between components. During integrity reporting in remote attestation, only the measurements of task-relevant software components are released to verifier. Shield factors are introduced to hide integrity measurements during measurement process and hide the task-irrelevant integrity measurement during integrity report.