Remote Credential Management with Mutual Attestation for Trusted Execution Environments

Carlton Shepherd, Raja Naeem Akram, Konstantinos Markantonakis

Research output: Chapter in Book/Report/Conference proceedingPublished conference contribution

4 Citations (Scopus)


Trusted Execution Environments (TEEs) are rapidly emerging as a root-of-trust for protecting sensitive applications and data using hardware-backed isolated worlds of execution. TEEs provide robust assurances regarding critical algorithm execution, tamper-resistant credential storage, and platform integrity using remote attestation. However, the challenge of remotely managing credentials between TEEs remains largely unaddressed in existing literature. In this work, we present novel protocols using mutual attestation for supporting four aspects of secure remote credential management with TEEs: backups, updates, migration, and revocation. The proposed protocols are agnostic to the underlying TEE implementation and subjected to formal verification using Scyther, which found no attacks.
Original languageEnglish
Title of host publication12th IFIP International Conference on Information Security Theory and Practice
Number of pages17
ISBN (Print)978-3-030-20073-2
Publication statusPublished - 12 May 2019

Bibliographical note

Carlton Shepherd is supported by the EPSRC and the British government as part of the Centre for Doctoral Training in Cyber Security at Royal Holloway, University of London (EP/K035584/1).


  • credential management
  • TEEs
  • Security protocols


Dive into the research topics of 'Remote Credential Management with Mutual Attestation for Trusted Execution Environments'. Together they form a unique fingerprint.

Cite this