Title :
A Plausibly-Deniable, Practical Trusted Platform Module Based Anti-Forensics Client-Server System
Author :
Goh, Weihan ; Leong, Peng Chor ; Yeo, Chai Kiat
Author_Institution :
Sch. of Comput. Eng., Nanyang Technol. Univ., Singapore, Singapore
Date :
8/1/2011 12:00:00 AM
Abstract :
A Trusted Platform Module (TPM) contains a unique identity and provides a range of security functions. This paper demonstrates a novel approach of using a TPM-enabled computer in a client-server system to hinder forensic examination. The prime motivation for this is to highlight the implications of such a TPM-based approach in digital forensics for law enforcement agents. The system allows for data confidentiality, plausible deniability, and hiding of traces that data containing incriminating information was present on the client. The server will attest the client before allowing it to submit or receive encrypted data, and encrypted data containing incriminating information can only be decrypted 1) by the encrypting client, and 2) if and only if the encrypting client's platform configuration matches that during encryption. The client's state can always be established via measurement results, and they cannot be tampered with to fake attestation.
Keywords :
client-server systems; computer forensics; TPM-enabled computer; anti-forensics client-server system; data confidentiality; digital forensics; plausible deniability; trusted platform module; Computers; Cryptography; Current measurement; Forensics; Law enforcement; Servers; Software; anti-forensics; information confidentiality
Journal_Title :
Selected Areas in Communications, IEEE Journal on
DOI :
10.1109/JSAC.2011.110805