12 May 2009 - 14h00
Attacks on the Trusted Platform Module, and solutions
by Mark Ryan from School of Computer Science University ofBirmingham
Abstract: The Trusted Platform Module (TPM) is a hardware chip designed to
enable computers achieve greater security. Proof of possession of values
known as authData is required by user processes in order to use TPM
keys. We demonstrate two attacks relating to the way authData is handled,
and explain their consequences. By using the attacks, an attacker can
circumvent some crucial operations of the TPM, and impersonate a TPM
user to the TPM, or impersonate the TPM to its user. We describe
modifications to the TPM protocols that avoid these attacks, and use
protocol verification techniques to prove their security.
Slides of the Presentation.