Formal Analysis of SPDM: Security Protocol and Data Model version 1.2

Cremers, Cas and Dax, Alexander and Naska, Aurora
(2023) Formal Analysis of SPDM: Security Protocol and Data Model version 1.2.
In: 32nd USENIX Security Symposium, 9-11 Aug 2023, Anaheim, CA, USA.
Conference: USENIX-Security Usenix Security Symposium

[img] Text
spdm_usenix-2.pdf - Accepted Version
Download (531kB)

Abstract

DMTF is a standards organization by major industry players in IT infrastructure including AMD, Alibaba, Broadcom, Cisco, Dell, Google, Huawei, IBM, Intel, Lenovo, and NVIDIA, which aims to enable interoperability, e.g., including cloud, virtualization, network, servers and storage. It is currently standardizing a security protocol called SPDM, which aims to secure communication over the wire and to enable device attestation, notably also explicitly catering for communicating hardware components. The SPDM protocol inherits requirements and design ideas from IETF’s TLS 1.3. However, its state machines and transcript handling are substantially different and more complex. While architecture, specification, and open-source libraries of the current versions of SPDM are publicly available, these include no significant security analysis of any kind. In this work we develop the first formal models of the three modes of the SPDM protocol version 1.2.1, and formally analyze their main security properties

Item Type: Conference or Workshop Item (A Paper) (Paper)
Divisions: Cas Cremers (CC)
Conference: USENIX-Security Usenix Security Symposium
Depositing User: Alexander Dax
Date Deposited: 07 Mar 2023 09:02
Last Modified: 07 Mar 2023 09:02
Primary Research Area: NRA2: Reliable Security Guarantees
URI: https://publications.cispa.saarland/id/eprint/3902

Actions

Actions (login required)

View Item View Item
CISPA is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.