Keylime is a highly scalable remote boot attestation and runtime integrity measurement solution. It enables users to monitor remote nodes using a hardware-based cryptographic root of trust.
Keylime provides a way to build trust in a remote machine, using cryptographic assurances based on Trusted Platform Modules (TPMs). It can provision encrypted payloads to those machines, monitor the integrity of the system at runtime, and detect discrepancies such as modified files using the Linux kernel Integrity Measurement Architecture (IMA) subsystem. Users can define their own custom actions that run when a machine fails its attested measurements.
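As an added example of the IMA-based runtime check described above (example code, not Keylime's own): a verifier-side replay of an ima-ng measurement log that recomputes each entry's template hash, replays PCR 10 and compares it with the value a TPM quote would attest to, and checks every measured file against an allowlist. The file contents and log lines are constructed for the example, the ima-ng field encoding and PCR extend rule are written as the example understands the kernel's IMA template format, and all function names are the example's own.

```python
"""Verifier-side check of a Linux IMA 'ima-ng' measurement log.

Added example, not Keylime's own code: sample file contents and log lines are
constructed here, and all function names are this example's own.
"""
import hashlib
import struct
from dataclasses import dataclass

PCR_BANK_ALG = "sha1"        # template-hash / PCR 10 bank used in this example
FILE_HASH_ALG = "sha256"     # algorithm of the file digest in the d-ng field
INITIAL_PCR = b"\x00" * 20   # PCR 10 is all zeroes before the first extend

# Constructed sample of files an allowlist would cover (contents, not a real fs).
GOOD_FILES = {"/usr/bin/sshd": b"sshd-binary-v1", "/etc/keylime.conf": b"[agent]\n"}


@dataclass
class Entry:
    pcr: int
    template_hash: bytes
    file_alg: str
    file_hash: bytes
    path: str


def template_hash(file_alg: str, file_hash: bytes, path: str) -> bytes:
    """ima-ng template hash (assumed encoding, as this example understands the
    kernel's template format): each field is a 32-bit little-endian length
    followed by its bytes; d-ng is '<alg>:\\0<digest>', n-ng is '<path>\\0'."""
    d_ng = file_alg.encode() + b":\x00" + file_hash
    n_ng = path.encode() + b"\x00"
    h = hashlib.new(PCR_BANK_ALG)
    for field in (d_ng, n_ng):
        h.update(struct.pack("<I", len(field)) + field)
    return h.digest()


def make_entry(path: str, content: bytes) -> str:
    """Render one ascii_runtime_measurements line for constructed sample data."""
    fh = hashlib.new(FILE_HASH_ALG, content).digest()
    th = template_hash(FILE_HASH_ALG, fh, path)
    return f"10 {th.hex()} ima-ng {FILE_HASH_ALG}:{fh.hex()} {path}"


def parse_log(text: str) -> list[Entry]:
    """Parse '<pcr> <template-hash> ima-ng <alg>:<digest> <path>' lines."""
    entries = []
    for line in text.splitlines():
        if not line.strip():
            continue
        pcr, th, template, digest, path = line.split(" ", 4)
        if template != "ima-ng":
            raise ValueError(f"unsupported template {template!r}")
        alg, fh = digest.split(":", 1)
        entries.append(Entry(int(pcr), bytes.fromhex(th), alg, bytes.fromhex(fh), path))
    return entries


def replay_pcr(entries: list[Entry]) -> bytes:
    """Replay the TPM extends: PCR = H(PCR || template_hash) for each entry."""
    pcr = INITIAL_PCR
    for e in entries:
        pcr = hashlib.new(PCR_BANK_ALG, pcr + e.template_hash).digest()
    return pcr


def verify_log(text: str, allowlist: dict[str, str], quoted_pcr10: bytes) -> list[str]:
    """Return the reasons the log is untrusted; an empty list means it passes."""
    failures = []
    entries = parse_log(text)
    # An edited log line no longer hashes to the template hash the TPM extended.
    for e in entries:
        if template_hash(e.file_alg, e.file_hash, e.path) != e.template_hash:
            failures.append(f"template hash mismatch for {e.path}")
    # A truncated or reordered log no longer replays to the quoted PCR value.
    if replay_pcr(entries) != quoted_pcr10:
        failures.append("PCR 10 replay does not match quote")
    # A genuine measurement of an unexpected file or digest is the IMA signal itself.
    for e in entries:
        expected = allowlist.get(e.path)
        if expected is None:
            failures.append(f"unlisted file measured: {e.path}")
        elif expected != e.file_hash.hex():
            failures.append(f"digest mismatch for {e.path}")
    return failures


def build_sample(files: dict[str, bytes]) -> tuple[str, dict[str, str], bytes]:
    """Constructed log, allowlist, and the PCR 10 value a genuine quote would carry."""
    allowlist = {p: hashlib.new(FILE_HASH_ALG, c).hexdigest() for p, c in files.items()}
    log = "\n".join(make_entry(p, c) for p, c in files.items())
    return log, allowlist, replay_pcr(parse_log(log))


def demo() -> tuple[list[str], list[str]]:
    """Clean boot versus a replaced sshd that the TPM faithfully measured."""
    log, allowlist, quote = build_sample(GOOD_FILES)
    tampered = {**GOOD_FILES, "/usr/bin/sshd": b"backdoored"}
    bad_log, _, bad_quote = build_sample(tampered)
    return verify_log(log, allowlist, quote), verify_log(bad_log, allowlist, bad_quote)


if __name__ == "__main__":
    print(demo())  # ([], ['digest mismatch for /usr/bin/sshd'])
```

The three checks are deliberately separate: the template-hash and PCR-replay checks catch a log that was edited or truncated after the TPM recorded it, while the allowlist check catches what IMA is there to find, a file whose measured digest is not the expected one. Only a quote signed by the TPM makes the replayed PCR value trustworthy; the example takes that value as an input rather than fetching it.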
Keylime is a CNCF hosted project that was originally born out of the security research team at MIT’s Lincoln Laboratory.
Project Engagement
- GitHub – https://github.com/keylime/keylime
- Mailing List – https://keylime.groups.io/g/main
- Slack – https://cloud-native.slack.com/archives/C01ARE2QUTZ
- Twitter – https://twitter.com/keylimeproject