@inproceedings{raj2016ftpm, author = {Raj, Himanshu and Saroiu, Stefan and Wolman, Alec and Aigner, Ronald and Cox, Jeremiah and England, Paul and Fenner, Chris and Kinshumann, Kinshuman and Loeser, Jork and Mattoon, Dennis and Nystrom, Magnus and Robinson, David and Spiger, Rob and Thom, Stefan and Wooten, David}, title = {fTPM: A Software-only Implementation of a TPM Chip}, booktitle = {USENIX Security}, year = {2016}, month = {August}, abstract = {Commodity CPU architectures, such as ARM and Intel CPUs, have started to offer trusted computing features in their CPUs aimed at displacing dedicated trusted hardware. Unfortunately, these CPU architectures raise serious challenges to building trusted systems because they omit providing secure resources outside the CPU perimeter. This paper shows how to overcome these challenges to build software systems with security guarantees similar to those of dedicated trusted hardware. We present the design and implementation of a firmware-based TPM 2.0 (fTPM) leveraging ARM TrustZone. Our fTPM is the reference implementation of a TPM 2.0 used in millions of mobile devices. We also describe a set of mechanisms needed for the fTPM that can be useful for building more sophisticated trusted applications beyond just a TPM.}, url = {http://approjects.co.za/?big=en-us/research/publication/ftpm-software-implementation-tpm-chip/}, edition = {USENIX Security}, }