A formal analysis of authentication in the TPM

Authors:
Stéphanie Delaune;Steve Kremer;Mark D. Ryan;Graham Steel
Affiliations:
LSV, ENS Cachan & CNRS & INRIA Saclay Île-de-France, France;LSV, ENS Cachan & CNRS & INRIA Saclay Île-de-France, France;School of Computer Science, University of Birmingham, UK;LSV, ENS Cachan & CNRS & INRIA Saclay Île-de-France, France
Venue:
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Year:
2010

Citing 10
Cited 1

Mobile values, new names, and secure communication

POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Replay Attack in TCG Specification and Solution

ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Beyond secure channels

Proceedings of the 2007 ACM workshop on Scalable trusted computing
Automatic verification of correspondences for security protocols

Journal of Computer Security
A Logic of Secure Systems and its Application to Trusted Computing

SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
Analysing PKCS#11 Key Management APIs with Unbounded Fresh Data

Foundations and Applications of Security Analysis
Principles of remote attestation

International Journal of Information Security - Special Issue:10th International Conference on Information and Communications Security (ICICS)
Attack, solution and verification for shared authorisation data in TCG TPM

FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
The AVISPA tool for the automated validation of internet security protocols and applications

CAV'05 Proceedings of the 17th international conference on Computer Aided Verification
Security evaluation of scenarios based on the TCG's TPM specification

ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security

DAA protocol analysis and verification

INTRUST'11 Proceedings of the Third international conference on Trusted Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

The Trusted Platform Module (TPM) is a hardware chip designed to enable computers to achieve a greater level of security than is possible in software alone. To this end, the TPM provides a way to store cryptographic keys and other sensitive data in its shielded memory. Through its API, one can use those keys to achieve some security goals. The TPM is a complex security component, whose specification consists of more than 700 pages. We model a collection of four TPM commands, and we identify and formalise their security properties. Using the tool ProVerif, we rediscover some known attacks and some new variations on them. We propose modifications to the API and verify our properties for the modified API.