Abstract
The Trusted Computing Group (TCG) defines the specifications for the Trusted Platform Module (TPM) and the corresponding trust mechanisms that allow a TPM-enabled platform to run only authenticated software. For example, the operating system (OS) can use the facilities provided by the TPM to authenticate a Digital Rights Management (DRM) application before allowing it to run. However, the TCG does not provide any clear specification of what kind of software can be regarded as trusted and hence be authenticated. In fact, it is unlikely that there will be a clear line between the software that should be authenticated and the software that should not, e.g., a debugger for developing binary code or an Internet browser for running applets. This leaves a grey area in which even authenticated software may be exploited for malicious use. This paper investigates the security of DRM applications in a relaxed scenario where users have a larger purview. We present two attacks, the abuse attack and the injection attack, in which some reasonably authenticated software can be exploited to steal protected content. In the abuse attack, an attacker uses an authenticated debugger to monitor the internal state of a DRM application in order to violate the access privileges enforced by the application. In the injection attack, an adversary is able to make malicious modifications to an original DRM application at will. These two attacks demonstrate that it is not straightforward to impose DRM in a TPM-enabled system. To counter the attacks, we provide the OS-encapsulation scheme, which ensures that only the genuine OS can start the DRM application. Our scheme enhances the security of TPM-enabled DRM in a looser but more practical environment, where people are allowed to use a debugger, a web browser, etc.
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wu, Y., Bao, F., Deng, R.H., Mouffron, M., Rousseau, F. (2008). Enhanced Security by OS-Oriented Encapsulation in TPM-Enabled DRM. In: Pei, D., Yung, M., Lin, D., Wu, C. (eds) Information Security and Cryptology. Inscrypt 2007. Lecture Notes in Computer Science, vol 4990. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-79499-8_37
DOI: https://doi.org/10.1007/978-3-540-79499-8_37
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-79498-1
Online ISBN: 978-3-540-79499-8
eBook Packages: Computer Science, Computer Science (R0)