tech-spec: add protocol diagram

master
S.J.R. van Schaik 7 years ago
parent 79e29e5a4d
commit 1315d4caba
  1. 38
      tech-doc/tech-spec.tex

@ -1,5 +1,6 @@
\documentclass[twoside,a4paper]{article}
\usepackage{adjustbox}
\usepackage{amsmath}
\usepackage{amssymb}
\usepackage{booktabs}
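Review bot: only `adjustbox` is added to the preamble here, but the figure introduced in the next hunk uses `\begin{figure}[H]` and `\begin{tikzpicture}`, which need the `float` and `tikz` packages respectively; the preamble context shown (the first six lines) contains neither, so confirm they are loaded further down or add `\usepackage{float}` and `\usepackage{tikz}` next to `\usepackage{adjustbox}`.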
@ -154,9 +155,44 @@ In the most simplistic model, the boot procedure that will be performed is as fo
The communication between the host device and the TBM follows a client-server model where the host devices sends requests to the TBM over serial.
\subsection{Design}
\begin{figure}[H]
\centering
\begin{adjustbox}{width=\textwidth,center}
\begin{tikzpicture}
\draw[thick,draw=gray!70,->] (-0.2,0) node[left] {\tt\small\uppercase{TBM}} -- (15,0);
\draw[thick,draw=gray!70,->] (-0.2,4) node[left] {\tt\small\uppercase{ROTS}} -- (15,4);
\draw[thick,draw=green!70!black,dashed] (0,0) -- ++(0,4) node[midway, sloped, below] {\tt\small\uppercase{trusted}};
\draw[thick,draw=blue!30,->] (1, 4) -- ++(.5,-4) node[midway, sloped, below] {\tt\small\uppercase{hi <version>}};
\draw[thick,draw=red!30,->] (1.75, 0) -- ++(.5,4) node[midway, sloped, below] {\tt\small\uppercase{hello <version>}};
\draw[thick,draw=blue!30,->] (3, 4) -- ++(.5,-4) node[midway, sloped, below] {\tt\small\uppercase{ls certs}};
\draw[thick,draw=red!30,->] (3.75, 0) -- ++(.5,4) node[midway, sloped, below] {\tt\small\uppercase{<listing>}};
\draw[thick,draw=blue!30,->] (5, 4) -- ++(.5,-4) node[midway, sloped, below] {\tt\small\uppercase{cat certs/cert.crt}};
\draw[thick,draw=red!30,->] (5.75, 0) -- ++(.5,4) node[midway, sloped, below] {\tt\small\uppercase{<content>}};
\draw[thick,draw=blue!30,->] (7, 4) -- ++(.5,-4) node[midway, sloped, below] {\tt\small\uppercase{time}};
\draw[thick,draw=red!30,->] (7.75, 0) -- ++(.5,4) node[midway, sloped, below] {\tt\small\uppercase{1501842512}};
\draw[thick,draw=blue!30,->] (9, 4) -- ++(.5,-4) node[midway, sloped, below] {\tt\small\uppercase{booting <version>}};
\draw[thick,draw=red!30,->] (9.75, 0) -- ++(.5,4) node[midway, sloped, below] {\tt\small\uppercase{ok}};
\draw[thick,draw=red!70!black,dashed] (11, 0) -- ++(0, 4) node[midway, sloped, below] {\tt\small\uppercase{untrusted}};
\draw[thick,draw=blue!30,->] (12, 4) -- ++(.5,-4) node[midway, sloped, below] {\tt\small\uppercase{booting ok}};
\draw[thick,draw=red!30,->] (12.75, 0) -- ++(.5,4) node[midway, sloped, below] {\tt\small\uppercase{ok}};
\end{tikzpicture}
\end{adjustbox}
\caption{protocol diagram.}
\end{figure}
\subsection{Clock Drift}
To cope with clock drift the real-time clock has to be synchronised with an external clock. The most straight-forward method to support this within the protocol is to allow an absolute time to be set. However, this should only be allowed from the read-only trusted stage. An alternative method is to allow the clock to be corrected by introducing a limited amount of additional ticks or to stop the clock for a limited amount of ticks. By having limited correction, the clock can still be synchronised while an attacker cannot change the clock by more than a negligible factor each year.
To cope with clock drift the real-time clock has to be synchronised with an external clock. The most straight-forward method to support this within the protocol is to allow an absolute time to be set. However, this should only be allowed from the read-only trusted stage. An alternative method is to allow the clock to be corrected by introducing a limited amount of additional ticks or to stop the clock for a limited amount of ticks. By having limited correction, the clock can still be synchronised while an attacker cannot change the clock by more than a negligible factor each year.
\section{Features}
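Review bot: the Clock Drift paragraph appears twice back to back at the end of this hunk; if the second copy is meant to replace the first, the old line should be removed rather than both surviving, so check that the resulting file contains the paragraph once. Second, the messages in the diagram (`hi <version>`, `hello <version>`, `ls certs`, `cat certs/cert.crt`, `time`, `booting <version>`, `booting ok`) are not described anywhere in the surrounding text; the preceding sentence only states that the host sends requests to the TBM over serial, so either the caption or a short paragraph under Design should say what each request and reply means, and in particular what the TBM does when the `booting ok` confirmation, which the diagram places after the boundary marked `untrusted`, never arrives or arrives from a host stage that is no longer trusted. Smaller points: the caption `protocol diagram.` should be capitalised and name the two parties, `\tt` is the obsolete LaTeX 2.09 font switch (`\ttfamily` is the LaTeX2e form), and the repeated `node[midway, sloped, below] {\tt\small\uppercase{...}}` would be shorter as a tikz style.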
