2.1 Trusted Platform Module

A trusted platform module (TPM) is a chip, attached to a computing platform, that contains a cryptoprocessor, secure memory, an execution engine and I/O components. A protected capability on a platform configuration register (PCR), called extend, is defined so that the current PCR value summarizes a trust chain of events: the new value is the hash of the previous value concatenated with the new measurement, so a PCR can only be moved forward, never set directly to a chosen value. A trust chain begins with a well-known initial state and comprises the sequence of events up to and including the event that brings the platform to its current state. This sequence is bootstrapped by a hardware root of trust for measurement (RTM), which can be static or dynamic \cite{article}.
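The extend operation and the trust chain it summarizes, as an added Go example rather than code from the paper. It assumes a SHA-256 PCR bank whose well-known initial state is all zeros and an event log of measured components; the event contents and function names are constructed for illustration. Replaying the log from the initial state must reproduce the reported PCR value, and because each step folds in the previous value, the same events in a different order, or a truncated log, yield a different value.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"fmt"
)

// pcrExtend is the TPM 2.0 extend operation for a SHA-256 bank:
// PCR_new = SHA-256(PCR_old || digest). The old value is folded in, so a
// PCR can only be moved forward, never set directly to a chosen value.
func pcrExtend(pcr, digest []byte) []byte {
	h := sha256.New()
	h.Write(pcr)
	h.Write(digest)
	return h.Sum(nil)
}

// replayEventLog recomputes the PCR value a measured-boot event log should
// produce: start from the well-known initial state (all zeros, assumed here
// for a resettable SHA-256 PCR) and extend with the digest of every event
// in log order.
func replayEventLog(events [][]byte) []byte {
	pcr := make([]byte, sha256.Size)
	for _, ev := range events {
		d := sha256.Sum256(ev)
		pcr = pcrExtend(pcr, d[:])
	}
	return pcr
}

// verifyTrustChain reports whether the log explains the reported PCR value,
// i.e. whether the chain of events from the initial state reaches it.
func verifyTrustChain(reported []byte, events [][]byte) bool {
	return bytes.Equal(reported, replayEventLog(events))
}

func main() {
	// Constructed sample event log (stand-ins for measured boot components).
	events := [][]byte{[]byte("bootloader v1"), []byte("kernel 5.x")}
	pcr := replayEventLog(events)
	fmt.Printf("PCR after replaying log: %x\n", pcr)

	// The PCR commits to the sequence of events, not just the set of them.
	swapped := [][]byte{events[1], events[0]}
	fmt.Println("swapped order verifies:", verifyTrustChain(pcr, swapped))
	fmt.Println("truncated log verifies:", verifyTrustChain(pcr, events[:1]))
}
```

A verifier that receives a PCR value together with the event log runs exactly this replay; a log that does not reproduce the value is either incomplete or has been tampered with, and the PCR itself cannot be rewritten to match it.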

2.2 Attestation

Attestation is a mechanism by which software proves its identity. Its goal is to convince a remote party (the verifier) that the operating system and application software on a platform are intact and trustworthy. The verifier trusts that the attestation data is accurate because it is signed by a key held in the TPM whose certificate is issued by a certificate authority (CA) \cite{Garfinkel:2003:FOS:1251054.1251079}.

2.3 Dynamic Root of Trust

Recently a new mechanism was added to the TPM specifications \cite{group} that provides a way to perform attestation dynamically, i.e. after boot. Several vendors have adopted this mechanism in their own systems, e.g. Intel TXT \cite{corporation2009} and AMD SVM \cite{devices2005}. The technique lets a dedicated CPU instruction (GETSEC[SENTER] on Intel, SKINIT on AMD) reset a subset of the PCRs, isolate a memory region, hash its contents and execute them atomically. Several tamper-prevention measures, such as disabling DMA to that region and resetting those PCRs, are included to prevent fraudulent attestation.

3. Implementation

In our research we have implemented the whole workflow, from quote authentication and remote attestation to encrypted data communication, using a TPM. The following shows an implementation of a trusted runtime environment with a TPM that can communicate remotely with another system (PP). In the workflow we need to make sure of the following:

4. Evaluation

For our evaluation we used the TPM simulator provided by Microsoft and conducted a few security attacks to analyze the behavior of the protocol under the following threat models.

Replay attack: an attack on a security protocol that replays messages from a different context to fool an honest participant into thinking it has successfully completed a protocol run \cite{articlea}. In our context, consider a passive attacker on the network who captures a valid authentication sequence and later replays those packets to impersonate the previous user to the remote system.

Man-in-the-middle attack: an attack in which an adversary secretly relays and alters the communication between two parties. In our context, the communication between two hosts is intercepted by an intermediary who can collect confidential information and forge authentic-looking messages to manipulate the exchange.

Denial-of-service attack: an attack in which the perpetrator seeks to make a system or network unavailable to its legitimate users by temporarily or indefinitely disrupting the services of the targeted host. In our context, a denial of service can be mounted against the trusted computing platform to make it unavailable for a period of time.
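The challenge-response exchange that the attestation mechanism of Section 2.2 relies on, together with the replay and man-in-the-middle cases above, as an added Go example that is not part of the paper's implementation. It assumes a quote is the TPM's signature over H(nonce || PCR digest), with an in-memory ECDSA P-256 key standing in for the certified attestation key (a real AK never leaves the TPM); the struct, function names, nonce length and sample digests are constructed for illustration. The verifier rejects a replayed quote because its nonce no longer matches an outstanding challenge, and rejects a quote altered in transit because the signature no longer verifies; the denial-of-service case is not modelled.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Quote is the evidence the prover returns: the PCR digest it reports, the
// verifier's nonce it was asked to quote against, and the signature made
// with the attestation key (AK) held in the TPM.
type Quote struct {
	PCRDigest []byte
	Nonce     []byte
	Sig       []byte
}

// quoteMessage is what the AK signs: H(nonce || PCR digest). Signing over
// the nonce binds the reported state to this particular challenge.
func quoteMessage(nonce, pcrDigest []byte) []byte {
	h := sha256.New()
	h.Write(nonce)
	h.Write(pcrDigest)
	return h.Sum(nil)
}

// signQuote models the TPM producing a quote. Assumption: an in-memory
// ECDSA P-256 key stands in for the AK, which in reality never leaves the TPM.
func signQuote(ak *ecdsa.PrivateKey, nonce, pcrDigest []byte) (Quote, error) {
	sig, err := ecdsa.SignASN1(rand.Reader, ak, quoteMessage(nonce, pcrDigest))
	if err != nil {
		return Quote{}, err
	}
	return Quote{PCRDigest: pcrDigest, Nonce: nonce, Sig: sig}, nil
}

var (
	ErrBadSignature = errors.New("quote signature does not verify under the certified AK")
	ErrStaleNonce   = errors.New("nonce does not match an outstanding challenge (replay)")
	ErrPCRMismatch  = errors.New("reported PCR digest differs from the expected state")
)

// Verifier holds the certified AK public key, the PCR digest it expects and
// the single outstanding challenge nonce.
type Verifier struct {
	AK        *ecdsa.PublicKey
	Expected  []byte
	challenge []byte
}

// Challenge issues a fresh random nonce; only one is outstanding at a time.
func (v *Verifier) Challenge() ([]byte, error) {
	n := make([]byte, 32)
	if _, err := rand.Read(n); err != nil {
		return nil, err
	}
	v.challenge = n
	return n, nil
}

// Verify checks the signature (defeats tampering in transit), then the nonce
// (defeats replay of an old quote), then the reported PCR state itself.
func (v *Verifier) Verify(q Quote) error {
	if !ecdsa.VerifyASN1(v.AK, quoteMessage(q.Nonce, q.PCRDigest), q.Sig) {
		return ErrBadSignature
	}
	if v.challenge == nil || !bytes.Equal(q.Nonce, v.challenge) {
		return ErrStaleNonce
	}
	v.challenge = nil // consume the nonce: a second copy of this quote is a replay
	if !bytes.Equal(q.PCRDigest, v.Expected) {
		return ErrPCRMismatch
	}
	return nil
}

func main() {
	ak, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	// Constructed expected state; in practice this is the value that
	// replaying the trusted event log produces.
	good := sha256.Sum256([]byte("trusted platform state"))
	v := &Verifier{AK: &ak.PublicKey, Expected: good[:]}

	nonce, _ := v.Challenge()
	q, _ := signQuote(ak, nonce, good[:])
	fmt.Println("fresh quote:", v.Verify(q))    // <nil>
	fmt.Println("replayed quote:", v.Verify(q)) // stale nonce

	q.PCRDigest = []byte("edited in transit")
	fmt.Println("tampered quote:", v.Verify(q)) // bad signature
}
```

The ordering of the checks matters for the threat models above: a captured quote carries a valid signature, so only the nonce comparison catches the replay, while an intermediary who edits the digest or the nonce invalidates the signature and cannot produce a new one without the AK.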