The Trusted Bit Torrent protocol, developed within the scope of NaDa, is used for the distribution of content and applications for the Set-Top-Boxes in the NaDa environment. In contrast to the typical application scenarios of peer to peer protocols like Bit Torrent, the distribution of data in the NaDa context has to be controlled by the central NaDa management. To realize a "realistic" integration of the Trusted Bit Torrent implementation and for measurement purposes, the NaDa management was simulated by using OMF (cOntrol and Management Framework). The relevant part of the management protocol was implemented as an OMF experiment and an OMF application with an interface to the Trusted Bit Torrent application. For the test environment one management server running the OMF experiment controller and ten NaDa clients with an Atom 1.6 GHZ CPU equipped with an Infineon TPM chip were used. As the clients normally do not run in the environment of the ISP, the state of the clients has to be checked before applications can be ntegrated into the NaDa network. The system state of the NaDa clients is verified by remote attestation using the TPM chip of the clients. It is assumed that the Attestation Identity Keys (AIKs) of the NaDa clients are produced in a secure environment and the public AIKs are stored on the NaDa management server. The management server also stores fingerprints (SHA-1) of software which is installed on the NaDa clients (as part of an OS kernel extension) or software which has to be installed on the client like application lices. The software which is executed on a client is measured, the fingerprints are stored in a Stored Measurement Log (SML), and the fingerprints are inserted into a certain TPM PCR register. The current SML of the client and the signed value (using the AIK of the client) can be used to verify the valid system state by NaDa management. To secure installation of costumer applications the NaDa OMF application of the client performs an extension of the SML using the fingerprint of the content after successful download by the Trusted Bit Torrent implementation. Thus beside executed code on the NaDa clients virtual images of customer applications become part of the system state, which has to be proved.
The results and measurements of the experiments showed that TPM technology can be successfully applied in a managed peer to peer environment like the NaDa context. The experiment description is available here.