{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,29]],"date-time":"2026-03-29T00:48:57Z","timestamp":1774745337907,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":53,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,12,4]],"date-time":"2023-12-04T00:00:00Z","timestamp":1701648000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"German Federal Ministry of Education and Research","award":["16KIS1787, 16ME0274"],"award-info":[{"award-number":["16KIS1787, 16ME0274"]}]},{"name":"Dutch Research Council (NWO)","award":["No.NWA.1160.18.301"],"award-info":[{"award-number":["No.NWA.1160.18.301"]}]},{"name":"National Research Center for Applied Cybersecurity ATHENE"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,12,4]]},"DOI":"10.1145\/3627106.3627118","type":"proceedings-article","created":{"date-parts":[[2023,12,2]],"date-time":"2023-12-02T18:13:22Z","timestamp":1701540802000},"page":"718-731","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["Remote Attestation with Constrained Disclosure"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5138-1769","authenticated-orcid":false,"given":"Michael","family":"Eckel","sequence":"first","affiliation":[{"name":"Fraunhofer SIT | ATHENE, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1311-5806","authenticated-orcid":false,"given":"Dominik Roy","family":"George","sequence":"additional","affiliation":[{"name":"Eindhoven University of Technology, Netherlands"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-8318-6214","authenticated-orcid":false,"given":"Bj\u00f6rn","family":"Grohmann","sequence":"additional","affiliation":[{"name":"gematik GmbH, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7776-7574","authenticated-orcid":false,"given":"Christoph","family":"Krau\u00df","sequence":"additional","affiliation":[{"name":"Darmstadt University of Applied Sciences, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2023,12,4]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Advanced Micro Devices Inc.2023. AMD Secure Encrypted Virtualization (SEV). Advanced Micro Devices Inc. https:\/\/www.amd.com\/en\/developer\/sev.html"},{"key":"e_1_3_2_1_2_1","volume-title":"mbed TLS","author":"Ltd Arm","unstructured":"Arm Ltd.2021. mbed TLS. Arm Ltd. https:\/\/tls.mbed.org\/"},{"key":"e_1_3_2_1_3_1","volume-title":"Microsoft open sources its software bill of materials (SBOM) generation tool","author":"Badlani Danesh\u00a0Kumar","unstructured":"Danesh\u00a0Kumar Badlani and Adrian Diglio. 2022. Microsoft open sources its software bill of materials (SBOM) generation tool. Microsoft Corporation. https:\/\/devblogs.microsoft.com\/engineering-at-microsoft\/microsoft-open-sources-software-bill-of-materials-sbom-generation-tool\/"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1007\/11745853_14"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-23951-9_9"},{"key":"e_1_3_2_1_6_1","volume-title":"Bernstein and Tanja Lange","author":"J.","year":"2017","unstructured":"Daniel\u00a0J. Bernstein and Tanja Lange. 2017. SafeCurves: Choosing safe curves for elliptic-curve cryptography. https:\/\/safecurves.cr.yp.to"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"crossref","unstructured":"Henk Birkholz David Thaler Michael Richardson and Wei Pan. 2023. Remote ATtestation procedureS (RATS) Architecture. RFC 9334. RFC Editor. https:\/\/www.rfc-editor.org\/rfc\/rfc9334","DOI":"10.17487\/RFC9334"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1137\/0220068"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/3407023.3407058"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"crossref","unstructured":"Jacqueline Brendel Cas Cremers Dennis Jackson and Mang Zhao. 2020. The Provable Security of Ed25519: Theory and Practice. http:\/\/eprint.iacr.org\/2020\/823","DOI":"10.1109\/SP40001.2021.00042"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030103"},{"key":"e_1_3_2_1_12_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Chakraborty Dhiman","year":"2019","unstructured":"Dhiman Chakraborty, Lucjan Hanzlik, and Sven Bugiel. 2019. simTPM: User-centric TPM for Mobile Devices. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA, 533\u2013550. https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/chakraborty"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-85886-7_3"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-011-0124-7"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3538969.3539004"},{"key":"e_1_3_2_1_16_1","unstructured":"DECOIT GmbH & Co. KG.2023. TRUSTnet Project. DECOIT GmbH & Co. KG. https:\/\/trustnet-project.de\/"},{"key":"e_1_3_2_1_17_1","unstructured":"Frank Denis. 2021. Libsodium documentation. https:\/\/libsodium.gitbook.io\/doc\/"},{"key":"e_1_3_2_1_18_1","volume-title":"Generating Software Bills of Materials (SBOMs) with SPDX at Microsoft","author":"Diglio Adrian","unstructured":"Adrian Diglio. 2021. Generating Software Bills of Materials (SBOMs) with SPDX at Microsoft. Microsoft Corporation. https:\/\/devblogs.microsoft.com\/engineering-at-microsoft\/generating-software-bills-of-materials-sboms-with-spdx-at-microsoft\/"},{"key":"e_1_3_2_1_19_1","unstructured":"Executive Office of the President. 2021. EO 14028: Improving the Nation\u2019s Cybersecurity. Executive Office of the President. https:\/\/www.federalregister.gov\/executive-order\/14028"},{"key":"e_1_3_2_1_20_1","volume-title":"CHARRA: CHAllenge-Response based Remote Attestation with TPM 2.0. Fraunhofer SIT. https:\/\/github.com\/Fraunhofer-SIT\/charra","author":"Fraunhofer","year":"2019","unstructured":"Fraunhofer SIT. 2019. CHARRA: CHAllenge-Response based Remote Attestation with TPM 2.0. Fraunhofer SIT. https:\/\/github.com\/Fraunhofer-SIT\/charra"},{"key":"e_1_3_2_1_21_1","unstructured":"Andreas Fuchs and Tadeusz Struk. 2021. tpm2-software\/tpm2-tss. https:\/\/github.com\/tpm2-software\/tpm2-tss original-date: 2015-06-30T16:21:57Z."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","unstructured":"Dominik\u00a0Roy George. 2021. Privacy-Preserving Remote Attestation Protocol. Master\u2019s Thesis. TU Darmstadt\/TU Wien. https:\/\/doi.org\/10.34726\/hss.2021.86825","DOI":"10.34726\/hss.2021.86825"},{"key":"e_1_3_2_1_23_1","volume-title":"Decaf: Eliminating cofactors through point compression","author":"Hamburg Mike","year":"2015","unstructured":"Mike Hamburg. 2015. Decaf: Eliminating cofactors through point compression. http:\/\/eprint.iacr.org\/2015\/673"},{"key":"e_1_3_2_1_24_1","unstructured":"Mike Hamburg Henry de Valence Isis Lovecruft and Tony Arcieri. 2021. Ristretto - The Ristretto Group. https:\/\/ristretto.group\/ristretto.html"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","unstructured":"Feng Hao. 2017. Schnorr Non-interactive Zero-Knowledge Proof. RFC 8235. https:\/\/doi.org\/10.17487\/RFC8235","DOI":"10.17487\/RFC8235"},{"key":"e_1_3_2_1_26_1","volume-title":"Intel Trusted Execution Technology (Intel TXT) Overview","author":"Intel Corporation","unstructured":"Intel Corporation. 2022. Intel Trusted Execution Technology (Intel TXT) Overview. Intel Corporation. https:\/\/www.intel.com\/content\/www\/us\/en\/developer\/articles\/tool\/intel-trusted-execution-technology.html"},{"key":"e_1_3_2_1_27_1","volume-title":"Intel Software Guard Extensions (Intel SGX)","author":"Intel Corporation","unstructured":"Intel Corporation. 2023. Intel Software Guard Extensions (Intel SGX). Intel Corporation. https:\/\/software.intel.com\/sgx"},{"key":"e_1_3_2_1_28_1","volume-title":"Intel Trust Domain Extensions (Intel TDX)","author":"Intel Corporation","unstructured":"Intel Corporation. 2023. Intel Trust Domain Extensions (Intel TDX). Intel Corporation. https:\/\/www.intel.com\/content\/www\/us\/en\/developer\/articles\/technical\/intel-trust-domain-extensions.html"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3538969.3538989"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISECS.2010.60"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","unstructured":"Simon Josefsson and Jim Schaad. 2018. Algorithm Identifiers for Ed25519 Ed448 X25519 and X448 for Use in the Internet X.509 Public Key Infrastructure. RFC 8410. https:\/\/doi.org\/10.17487\/RFC8410","DOI":"10.17487\/RFC8410"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/HST.2013.6581569"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","unstructured":"Hagen Lauer Amin Sakzad Carsten Rudolph and Surya Nepal. 2019. A Logic for Secure Stratified Systems and its Application to Containerized Systems. In 2019 18th IEEE International Conference On Trust Security And Privacy In Computing And Communications\/13th IEEE International Conference On Big Data Science And Engineering (TrustCom\/BigDataSE). 562\u2013569. https:\/\/doi.org\/10.1109\/TrustCom\/BigDataSE.2019.00081","DOI":"10.1109\/TrustCom\/BigDataSE.2019.00081"},{"key":"e_1_3_2_1_34_1","unstructured":"Laurence Lundblade. 2021. QCBOR: an implementation of nearly everything in RFC8949. https:\/\/github.com\/laurencelundblade\/QCBOR"},{"key":"e_1_3_2_1_35_1","volume-title":"22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2019","author":"Luo Wu","year":"2019","unstructured":"Wu Luo, Qingni Shen, Yutang Xia, and Zhonghai Wu. 2019. Container-IMA: A privacy-preserving Integrity Measurement Architecture for Containers. In 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2019). USENIX Association, Chaoyang District, Beijing, 487\u2013500. https:\/\/www.usenix.org\/conference\/raid2019\/presentation\/luo"},{"key":"e_1_3_2_1_36_1","volume-title":"Microsoft SBOM Tool (Open Source on GitHub)","author":"Microsoft Corp.","unstructured":"Microsoft Corp.2022. Microsoft SBOM Tool (Open Source on GitHub). Microsoft Corp. https:\/\/github.com\/microsoft\/sbom-tool"},{"key":"e_1_3_2_1_37_1","volume-title":"ATHENE \u2013 National Research Center for Applied Cybersecurity","author":"National Research Center for Applied Cybersecurity ATHENE. 2019.","unstructured":"National Research Center for Applied Cybersecurity ATHENE. 2019. ATHENE \u2013 National Research Center for Applied Cybersecurity. National Research Center for Applied Cybersecurity ATHENE. https:\/\/athene-center.de\/"},{"key":"e_1_3_2_1_38_1","volume-title":"Rising to the Challenge \u2013 Data Security with Intel Confidential Computing","author":"Rao Anil","unstructured":"Anil Rao. 2022. Rising to the Challenge \u2013 Data Security with Intel Confidential Computing. Intel Corporation. https:\/\/community.intel.com\/t5\/Blogs\/Products-and-Solutions\/Security\/Rising-to-the-Challenge-Data-Security-with-Intel-Confidential\/post\/1353141"},{"key":"e_1_3_2_1_39_1","volume-title":"Being a Responsible User and Creator of Open Source","author":"Ronin Felix","unstructured":"Felix Ronin. 2023. Being a Responsible User and Creator of Open Source. Adobe Inc. https:\/\/blog.developer.adobe.com\/being-a-responsible-user-and-creator-of-open-source-bbbcb79857fd"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065907.1066038"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030125"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.5555\/1251375.1251391"},{"key":"e_1_3_2_1_43_1","unstructured":"The United States Department of Commerce. 2021. The Minimum Elements For a Software Bill of Materials (SBOM). The United States Department of Commerce. https:\/\/www.ntia.doc.gov\/files\/ntia\/publications\/sbom_minimum_elements_report.pdf(Pursuant to Executive Order 14028 on Improving the Nation\u2019s Cybersecurity)."},{"key":"e_1_3_2_1_44_1","unstructured":"Bill Toulas. 2022. New Intel chips won\u2019t play Blu-ray disks due to SGX deprecation. Bleeping Computer\u00ae LLC. https:\/\/www.bleepingcomputer.com\/news\/security\/new-intel-chips-wont-play-blu-ray-disks-due-to-sgx-deprecation\/"},{"key":"e_1_3_2_1_45_1","volume-title":"level 00, revision 142 ed.)","author":"Trusted Computing Group","unstructured":"Trusted Computing Group. 2014. TPM 2.0 Mobile Reference Architecture Specification (family 2.0, level 00, revision 142 ed.). Trusted Computing Group. https:\/\/trustedcomputinggroup.org\/resource\/tpm-2-0-mobile-reference-architecture-specification\/"},{"key":"e_1_3_2_1_46_1","volume-title":"level 00, revision 31 ed.)","author":"Trusted Computing Group","unstructured":"Trusted Computing Group. 2015. TPM 2.0 Mobile Common Profile (family 2.0, level 00, revision 31 ed.). Trusted Computing Group. https:\/\/trustedcomputinggroup.org\/resource\/tcg-tpm-2-0-mobile-common-profile\/"},{"key":"e_1_3_2_1_47_1","volume-title":"TCG Trusted Attestation Protocol (TAP) Information Model for TPM Families 1.2 and 2.0 and DICE Family 1.0 (version 1.0 revision 0.36 ed.)","author":"Trusted Computing Group","unstructured":"Trusted Computing Group. 2019. TCG Trusted Attestation Protocol (TAP) Information Model for TPM Families 1.2 and 2.0 and DICE Family 1.0 (version 1.0 revision 0.36 ed.). Trusted Computing Group. https:\/\/trustedcomputinggroup.org\/resource\/tcg-tap-information-model\/"},{"key":"e_1_3_2_1_48_1","volume-title":"TCG Trusted Attestation Protocol (TAP) Use Cases for TPM Families 1.2 and 2.0 and DICE (version 1.0 revision 0.35 ed.)","author":"Trusted Computing Group","unstructured":"Trusted Computing Group. 2019. TCG Trusted Attestation Protocol (TAP) Use Cases for TPM Families 1.2 and 2.0 and DICE (version 1.0 revision 0.35 ed.). Trusted Computing Group. https:\/\/trustedcomputinggroup.org\/resource\/tcg-trusted-attestation-protocol-tap-use-cases-for-tpm-families-1-2-and-2-0-and-dice\/"},{"key":"e_1_3_2_1_49_1","unstructured":"Trusted Computing Group. 2019. TCG TSS 2.0 Overview and Common Structures Specification."},{"key":"e_1_3_2_1_50_1","volume-title":"Trusted Platform Module Library \u2013 Part 1: Architecture (family 2.0, level 00, revision 01.59 ed.)","author":"Trusted Computing Group 2019.","unstructured":"Trusted Computing Group 2019. Trusted Platform Module Library \u2013 Part 1: Architecture (family 2.0, level 00, revision 01.59 ed.). Trusted Computing Group. https:\/\/trustedcomputinggroup.org\/resource\/tpm-library-specification\/"},{"key":"e_1_3_2_1_51_1","unstructured":"WIBU-SYSTEMS AG. 2021. VE-ASCOT\u2014Advanced Security for Chains of Trust. WIBU-SYSTEMS AG. http:\/\/ascot-trust.info\/"},{"key":"e_1_3_2_1_52_1","unstructured":"Mimi Zohar and Dmitry Kasatkin. 2018. Integrity Measurement Architecture (IMA). https:\/\/sourceforge.net\/p\/linux-ima\/wiki\/Home\/"},{"key":"e_1_3_2_1_53_1","unstructured":"Mimi Zohar David Safford and Reiner Sailer. 2009. Using IMA for Integrity Measurement and Attestation. https:\/\/blog.linuxplumbersconf.org\/2009\/slides\/David-Stafford-IMA_LPC.pdf"}],"event":{"name":"ACSAC '23: Annual Computer Security Applications Conference","location":"Austin TX USA","acronym":"ACSAC '23"},"container-title":["Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3627106.3627118","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3627106.3627118","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T17:37:51Z","timestamp":1755884271000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3627106.3627118"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,12,4]]},"references-count":53,"alternative-id":["10.1145\/3627106.3627118","10.1145\/3627106"],"URL":"https:\/\/doi.org\/10.1145\/3627106.3627118","relation":{},"subject":[],"published":{"date-parts":[[2023,12,4]]},"assertion":[{"value":"2023-12-04","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}