Secure migration

Overview

The migration consists of credential migration provided by Wuhan University and upper software migration which is implemented by HUST.

• Credential
  Alice has a pair RSA key, the public key is known to all members and private key is protected by TPM. It may include a key for encryption when saving files in disk.
  
• Credential migration

1. Generate a symmetric key which is used to encrypt the upper software;
2. Use TPM to encrypt the symmetric key by public key, get a migration blob
3. Migrate the blob and private key

• Upper software migration

1. Store all the mediate result of program
2. Encrypt the upper software and related state by symmetric key
3. Migrate the encrypted software and data file

Whole Solution

1. One backend node request front end for migration.
2. Front end find another available backend node. Do attestation to ensure that the backend node is trusted.
3. Migrate the credential
4. Migrate the upper software
5. Decrypt the upper software
6. Launch the new virtual machine

Figure 1: Secure migration

Migration protocol

The attestation protocol is as follows. In the figure, Alice has pk/sk and wants to migrate them to the migration target. MigBlob is generated by TPM, while rnd is a random number generated by Alice.

First, Alice request migration target for migration. The target machine reports to Alice the PCR list, which are used to attestation. If PCR list satisfied required condition, it starts to do credential migration. The credential is transferred in the form of MigBlob. Then Alice send encrypted software to target machine.

Figure 2: Migration protocol

Comments