# Trusted computing

## Chains of trust

Trust is built upon measurements.

* If one can measure, one can evaluate.
* In this case, we want to measure the code that executes.
  * Not what the code does, but what the code is.
  * The evaluation is performed before the actual execution.

Chains of trust.

* Trust that code R is correct, and measures other code, run R.
* If R needs to run code A, measures A, registers measure, and runs A.
* If A needs to run code B measures B, registers measure, and runs B.
* In the end, all ran code was measured.
  * A tampered code will be detectable by its measurement by the predecessor.