Welcome to the homepage of the LightVerifier project!

LightVerifier is a set of tools to remotely verify the integrity of Linux systems. In essence, it uses a computer’s Trusted Platform Module and some Linux kernel features to track what programs execute, in such a way that the software on the machine cannot lie about what’s running. Through cryptography, a measurement list is signed by the TPM and checked against a list of known good software. This is known as a hardware-based remote attestation. Therefore, unauthorised software modifications or execution can be detected in near real time.

The aim of the project is to provide a standard set of remote attestation tools that emphasise simplicity and modularity. Through this approach, more complex monitoring systems can be built on top of common functionalities simply by invoking the tools. For example, network protocols standardised by TCG could eventually be layered on top of the existing tools. The project aims to support basic TCG protocols as well as interesting alternatives. Currently, it supports TPM 1.2 but it also aims to support newer TPMs as well as other hardware-based roots of trust.

The dependencies for the tools are relatively minimal, and yet we are always looking for ways to reduce them. We can produce a verification database (to certain degrees) for a variety of Linux distributions (long-term-support (LTS) distributions only) including:

• Debian
• Ubuntu (LTS versions)
• CentOS 7

Your contribution is very welcome! If you use this for research or production purposes, then please cite us or let us know your requirements.

To get started, see the project README

All activities of the project are public and all results are in the public domain. We welcome anyone interested to join us in contributing to the project.

The LightVerifier project is being led by Adrian Shaw as part of general research activities. Let him know.