Transport Layer Security (TLS) is a widely used protocol for secure channel establishment. However, it lacks any inherent mechanism for validating the security state of the workload and its platform. To address this, remote attestation can be integrated in TLS, named as attested TLS. In this talk, we present a survey of the three approaches for this integration, namely pre-handshake attestation, post-handshake attestation and intra-handshake attestation. We also present our ongoing research on Formal Verification of the three approaches using state-of-the-art symbolic security analysis tool ProVerif to provide high-confidence for use in security-critical applications.

Key takeaways: Our preliminary analysis shows that pre-handshake attestation is potentially vulnerable to replay and relay attacks. On the other hand, post-handshake attestation results in high latency. Intra-handshake attestation offering high security via formal verification and low latency by avoiding the additional roundtrip forms a good ground for further research and analysis.