Attack, Solution and Verification for Shared Authorisation Data in TCG TPM

Chen, Liqun; Ryan, Mark

doi:10.1007/978-3-642-12459-4_15

Liqun Chen^18,19 &
Mark Ryan^18,19

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5983))

Included in the following conference series:

International Workshop on Formal Aspects in Security and Trust

487 Accesses
24 Citations
3 Altmetric

Abstract

The Trusted Platform Module (TPM) is a hardware chip designed to enable computers to achieve greater security. Proof of possession of authorisation values known as authdata is required by user processes in order to use TPM keys. If a group of users are to be authorised to use a key, then the authdata for the key may be shared among them. We show that sharing authdata between users allows a TPM impersonation attack, which enables an attacker to completely usurp the secure storage of the TPM. The TPM has a notion of encrypted transport session, but it does not fully solve the problem we identify.

We propose a new authorisation protocol for the TPM, which we call Session Key Authorisation Protocol (SKAP). It generalises and replaces the existing authorisation protocols (OIAP and OSAP). It allows authdata to be shared without the possibility of the impersonation attack, and it solves some other problems associated with OIAP and OSAP. We analyse the old and the new protocols using ProVerif. Authentication and secrecy properties (which fail for the old protocols) are proved to hold of SKAP.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

ISO/IEC 11770-4: Information technology – Security techniques – Key management – Part 4: Mechanisms based on weak secrets
Google Scholar
ISO/IEC 18033-2: Information technology – Security techniques – Encryption algorithms – Part 2: Asymmetric ciphers
Google Scholar
ISO/IEC 18033-3: Information technology – Security techniques – Encryption algorithms – Part 3: Block ciphers
Google Scholar
ISO/IEC 19772: Information technology – Security techniques – Authenticated encryption
Google Scholar
ISO/IEC 9797-2: Information technology – Security techniques – Message authentication codes (MACs) – Part 2: Mechanisms using a dedicated hash-function
Google Scholar
ISO/IEC, P.D.: 11889: Information technology – Security techniques – Trusted platform module
Google Scholar
Ables, K.: An attack on key delegation in the trusted platform module (first semester mini-project in computer security). Master’s thesis, School of Computer Science, University of Birmingham (2009)
Google Scholar
Blanchet, B.: An efficient cryptographic protocol verifier based on prolog rules. In: Schneider, S. (ed.) 14th IEEE Computer Security Foundations Workshop, Cape Breton, Nova Scotia, Canada, June 2001, pp. 82–96. IEEE Computer Society Press, Los Alamitos (2001)
Chapter Google Scholar
Blanchet, B.: ProVerif: Automatic Cryptographic Protocol Verifier User Manual (2008)
Google Scholar
Bruschi, D., Cavallaro, L., Lanzi, A., Monga, M.: Replay attack in TCG specification and solution. In: ACSAC 2005: Proceedings of the 21st Annual Computer Security Applications Conference, pp. 127–137. IEEE Computer Society, Los Alamitos (2005)
Chapter Google Scholar
Chen, L., Ryan, M.D.: Offline dictionary attack on TCG TPM weak authorisation data, and solution. In: Grawrock, D., Reimer, H., Sadeghi, A., Vishik, C. (eds.) Future of Trust in Computing. Vieweg & Teubner (2008)
Google Scholar
Gürgens, S., Rudolph, C., Scheuermann, D., Atts, M., Plaga, R.: Security evaluation of scenarios based on the TCG’s TPM specification. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 438–453. Springer, Heidelberg (2007)
Chapter Google Scholar
Lin, A.H.: Automated Analysis of Security APIs. Master’s thesis, MIT (2005), http://sdg.csail.mit.edu/pubs/theses/amerson-masters.pdf
Trusted Computing Group. TPM Specification version 1.2. Parts 1–3 (2007), http://www.trustedcomputinggroup.org/specs/TPM/

Download references

Author information

Authors and Affiliations

HP Labs, UK
Liqun Chen & Mark Ryan
University of Birmingham, UK
Liqun Chen & Mark Ryan

Authors

Liqun Chen
View author publications
You can also search for this author in PubMed Google Scholar
Mark Ryan
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Dipartimento di Informatica, Università di Pisa, Largo Bruno Pontecorvo, 3, 56127, Pisa, Italy
Pierpaolo Degano
The MITRE Corporation, 202 Burlington Rd, MS S128, MA 01730, Bedford, USA
Joshua D. Guttman

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Chen, L., Ryan, M. (2010). Attack, Solution and Verification for Shared Authorisation Data in TCG TPM. In: Degano, P., Guttman, J.D. (eds) Formal Aspects in Security and Trust. FAST 2009. Lecture Notes in Computer Science, vol 5983. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12459-4_15

Download citation

DOI: https://doi.org/10.1007/978-3-642-12459-4_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-12458-7
Online ISBN: 978-3-642-12459-4
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics