中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 软件所图书馆  > 期刊论文
Subject: Telecommunications
Title:
formal analysis of trusted platform module commands for compromising user key
Author: Qin Yu ; Zhao Shijun ; Zhang Qianying
Keyword: trusted computing ; TPM ; TPM command ; applied pi calculus ; API analysis
Source: CHINA COMMUNICATIONS
Issued Date: 2012
Volume: 9, Issue:10, Pages:91-102
Indexed Type: SCI
Department: Qin Yu; Zhao Shijun; Zhang Qianying Chinese Acad Sci Inst Software Beijing 100190 Peoples R China.
Sponsorship: National Natural Science Foundation of China 91118006, 61202414; Knowledge Innovation Project of Chinese Academy of Science ISCAS2009-DR14
Abstract: The Trusted Platform Module (TPM) is a dedicated hardware chip designed to provide a higher level of security for computing platform. All TPM functionalities are implemented in TPM commands to achieve specific security goals. We attempt to analyze the security properties of these commands, especially the key management API. Our study utilizes applied pi calculus to formalize the commands and determine how their security properties affect TPM key management. The attacker is assumed to call TPM commands without bounds and without knowing the TPM root key, expecting to obtain or replace the user key. The analysis goal in our study is to guarantee the corresponding property of API execution and the integrity of API data. We analyze the security properties of TPM commands with a process reduction method, identify the key-handle hijack attack on a TPM newly created key, and propose reasonable solutions to solve the problem. Then, we conduct an experiment involving a key-handle attack, which successfully replaces a user key with an attacker's key using malicious TPM software. This paper discloses the weakness of the relationship between the key handle and the key object. After the TPM software stack is compromised, the attacker can launch a key-handle attack to obtain the user key and even break into the whole storage tree of user keys.
English Abstract: The Trusted Platform Module (TPM) is a dedicated hardware chip designed to provide a higher level of security for computing platform. All TPM functionalities are implemented in TPM commands to achieve specific security goals. We attempt to analyze the security properties of these commands, especially the key management API. Our study utilizes applied pi calculus to formalize the commands and determine how their security properties affect TPM key management. The attacker is assumed to call TPM commands without bounds and without knowing the TPM root key, expecting to obtain or replace the user key. The analysis goal in our study is to guarantee the corresponding property of API execution and the integrity of API data. We analyze the security properties of TPM commands with a process reduction method, identify the key-handle hijack attack on a TPM newly created key, and propose reasonable solutions to solve the problem. Then, we conduct an experiment involving a key-handle attack, which successfully replaces a user key with an attacker's key using malicious TPM software. This paper discloses the weakness of the relationship between the key handle and the key object. After the TPM software stack is compromised, the attacker can launch a key-handle attack to obtain the user key and even break into the whole storage tree of user keys.
Language: 英语
WOS ID: WOS:000310670600010
Citation statistics:
Content Type: 期刊论文
URI: http://ir.iscas.ac.cn/handle/311060/15062
Appears in Collections:软件所图书馆_期刊论文

Files in This Item:

There are no files associated with this item.


Recommended Citation:
Qin Yu,Zhao Shijun,Zhang Qianying. formal analysis of trusted platform module commands for compromising user key[J]. CHINA COMMUNICATIONS,2012-01-01,9(10):91-102.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[Qin Yu]'s Articles
[Zhao Shijun]'s Articles
[Zhang Qianying]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[Qin Yu]‘s Articles
[Zhao Shijun]‘s Articles
[Zhang Qianying]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2020  中国科学院软件研究所 - Feedback
Powered by CSpace