Trust-in-the-middle: towards establishing trustworthiness of authentication proxies using trusted computing

Authentication proxies, which store users' secret credentials and submit them to servers on their behalf, offer benefits with respect to security of the authentication and usability of credential management. However, as being a service that is not in control of users, one important problem they suffer is the trust problem; how users trust that their secrets are handled securely in the proxy and not revealed to third parties. In this paper, we present a solution called Trust-in-the-Middle, a TPM based proxy system which ensures that user credentials are securely stored and submitted without disclosing them even if the proxy is compromised. We build our architecture on a trust chain bootstrapped by TPM DRTM and prevent access to credentials if any entity in the chain is maliciously modified. We use remote attestation to guarantee that all critical operations on the proxy are performed securely and credentials are cryptographically protected when they are not in DRTM-supported isolation.