An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Replay Attack in TCG Specification and Solution
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Security evaluation of scenarios based on the TCG's TPM specification
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
A formal analysis of authentication in the TPM
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Cloaking malware with the trusted platform module
SEC'11 Proceedings of the 20th USENIX conference on Security
Security protocol verification: symbolic and computational models
POST'12 Proceedings of the First international conference on Principles of Security and Trust
A hijacker's guide to the LPC bus
EuroPKI'11 Proceedings of the 8th European conference on Public Key Infrastructures, Services, and Applications
Specification and Standardization of a Java Trusted Computing API
Software—Practice & Experience
DAA protocol analysis and verification
INTRUST'11 Proceedings of the Third international conference on Trusted Systems
A hijacker's guide to communication interfaces of the trusted platform module
Computers & Mathematics with Applications
Analysis of object-specific authorization protocol (OSAP) using coloured petri nets
AISC '12 Proceedings of the Tenth Australasian Information Security Conference - Volume 125
Hi-index | 0.00 |
The Trusted Platform Module (TPM) is a hardware chip designed to enable computers to achieve greater security. Proof of possession of authorisation values known as authdata is required by user processes in order to use TPM keys. If a group of users are to be authorised to use a key, then the authdata for the key may be shared among them. We show that sharing authdata between users allows a TPM impersonation attack, which enables an attacker to completely usurp the secure storage of the TPM. The TPM has a notion of encrypted transport session, but it does not fully solve the problem we identify. We propose a new authorisation protocol for the TPM, which we call Session Key Authorisation Protocol (SKAP). It generalises and replaces the existing authorisation protocols (OIAP and OSAP). It allows authdata to be shared without the possibility of the impersonation attack, and it solves some other problems associated with OIAP and OSAP. We analyse the old and the new protocols using ProVerif. Authentication and secrecy properties (which fail for the old protocols) are proved to hold of SKAP.