Remote Attestation with Constrained Disclosure
Trusted Platform Modules (TPMs) are used for remote attestation to ensure the authenticity and integrity of software running on a computer system. However, measuring software executed as containers or virtual machines can be challenging because such workloads are measured concurrently, resulting in a jumbled measurement log that is difficult to disentangle. Moreover, disclosing the entire measurement log in traditional binary remote attestation raises privacy and intellectual property concerns. To address these issues, we propose a remote attestation method with constrained disclosure, allowing for selective disclosure of entries in the measurement log using a non-interactive zero-knowledge (NIZK) proof with Schnorr signatures. Our approach is evaluated for security and privacy and proven to be correct and sound and to satisfy the properties of a NIZK proof. Formal verification of our solution with ProVerif also supports our claims. Furthermore, the performance evaluation of our proof-of-concept implementation shows that our contribution is feasible and that the overhead introduced is negligible.
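The disclosure problem in traditional binary attestation, as an added example that is not code from the paper and does not implement its NIZK construction: a verifier replays the measurement log through the standard TPM extend operation and compares the result with the quoted PCR, so a disclosed subset of an interleaved log cannot be checked. The container names, the measured strings and the helper names are constructed for illustration, and `QUOTED_PCR` stands in for the PCR value carried in a signed TPM quote.

```python
import hashlib

PCR_SIZE = 32  # SHA-256 PCR bank


def measure(data: bytes) -> bytes:
    """Digest of a measured component, as recorded in a log entry."""
    return hashlib.sha256(data).digest()


def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM extend: new PCR = SHA-256(old PCR || event digest)."""
    return hashlib.sha256(pcr + digest).digest()


def replay(entries) -> bytes:
    """Fold log entries, in order, into a PCR that starts at all zeros."""
    pcr = bytes(PCR_SIZE)
    for _owner, digest in entries:
        pcr = extend(pcr, digest)
    return pcr


# Constructed measurement log: two workloads measured concurrently,
# so their entries are interleaved in a single PCR's log.
LOG = [
    ("container-a", measure(b"a/init")),
    ("container-b", measure(b"b/init")),
    ("container-a", measure(b"a/app")),
    ("container-b", measure(b"b/app")),
]

QUOTED_PCR = replay(LOG)  # assumption: stands in for the quoted PCR value


def entries_for(owner: str):
    """The subset of the log a party might prefer to disclose."""
    return [entry for entry in LOG if entry[0] == owner]


def verify(disclosed, quoted_pcr: bytes) -> bool:
    """Traditional verifier check: the replayed log must equal the quote."""
    return replay(disclosed) == quoted_pcr


if __name__ == "__main__":
    print("full log verifies:     ", verify(LOG, QUOTED_PCR))
    print("container-a only:      ", verify(entries_for("container-a"), QUOTED_PCR))
```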