Saved in:
Bibliographic Details
Main Authors: Thomas, Will, Schmalz, Logan, Petz, Adam, Alexander, Perry, Guttman, Joshua D., Rowe, Paul D., Carter, James
Format: Preprint
Published: 2026
Subjects:
Online Access:https://arxiv.org/abs/2603.06326
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866918375702134784
author Thomas, Will
Schmalz, Logan
Petz, Adam
Alexander, Perry
Guttman, Joshua D.
Rowe, Paul D.
Carter, James
author_facet Thomas, Will
Schmalz, Logan
Petz, Adam
Alexander, Perry
Guttman, Joshua D.
Rowe, Paul D.
Carter, James
contents Attestation means providing evidence that a remote target system is worthy of trust for some sensitive interaction. Although attestation is already used in network access control, security management, and trusted execution environments, it mainly concerns only a few system components. A clever adversary might manipulate these shallow attestations to mislead the relying party. Reliable attestations require layering. We construct attestations whose layers report evidence about successive components of the target system. Reliability also requires structuring the target system so only a limited set of components matters. We show how to structure an example system for reliable attestations despite a well-defined, relatively strong adversary. It is based on widely available hardware, such as Trusted Platform Modules, and software, such as Linux with SELinux. We isolate our principles in a few maxims that guide system development. We provide a cogent analysis of our mechanisms against our adversary model, as well as an empirical appraisal of the resulting system. We also identify two improvements to the mechanisms so attestation can succeed against strengthened adversaries. The performance burden of our attestation is negligible, circa 1.3 percent. After our first example, we vary our application level, and then also its underlying hardware anchor to use confidential computing with AMD's SEV-SNP. The same maxims help us achieve trustworthy attestations.
format Preprint
id arxiv_https___arxiv_org_abs_2603_06326
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle Designing Trustworthy Layered Attestations
Thomas, Will
Schmalz, Logan
Petz, Adam
Alexander, Perry
Guttman, Joshua D.
Rowe, Paul D.
Carter, James
Cryptography and Security
Attestation means providing evidence that a remote target system is worthy of trust for some sensitive interaction. Although attestation is already used in network access control, security management, and trusted execution environments, it mainly concerns only a few system components. A clever adversary might manipulate these shallow attestations to mislead the relying party. Reliable attestations require layering. We construct attestations whose layers report evidence about successive components of the target system. Reliability also requires structuring the target system so only a limited set of components matters. We show how to structure an example system for reliable attestations despite a well-defined, relatively strong adversary. It is based on widely available hardware, such as Trusted Platform Modules, and software, such as Linux with SELinux. We isolate our principles in a few maxims that guide system development. We provide a cogent analysis of our mechanisms against our adversary model, as well as an empirical appraisal of the resulting system. We also identify two improvements to the mechanisms so attestation can succeed against strengthened adversaries. The performance burden of our attestation is negligible, circa 1.3 percent. After our first example, we vary our application level, and then also its underlying hardware anchor to use confidential computing with AMD's SEV-SNP. The same maxims help us achieve trustworthy attestations.
title Designing Trustworthy Layered Attestations
topic Cryptography and Security
url https://arxiv.org/abs/2603.06326