ISCAS OpenIR
formal analysis of trusted platform module commands for compromising user key
Qin Yu; Zhao Shijun; Zhang Qianying
2012
发表期刊CHINA COMMUNICATIONS
ISSN1673-5447
卷号9期号:10页码:91-102
摘要The Trusted Platform Module (TPM) is a dedicated hardware chip designed to provide a higher level of security for computing platform. All TPM functionalities are implemented in TPM commands to achieve specific security goals. We attempt to analyze the security properties of these commands, especially the key management API. Our study utilizes applied pi calculus to formalize the commands and determine how their security properties affect TPM key management. The attacker is assumed to call TPM commands without bounds and without knowing the TPM root key, expecting to obtain or replace the user key. The analysis goal in our study is to guarantee the corresponding property of API execution and the integrity of API data. We analyze the security properties of TPM commands with a process reduction method, identify the key-handle hijack attack on a TPM newly created key, and propose reasonable solutions to solve the problem. Then, we conduct an experiment involving a key-handle attack, which successfully replaces a user key with an attacker's key using malicious TPM software. This paper discloses the weakness of the relationship between the key handle and the key object. After the TPM software stack is compromised, the attacker can launch a key-handle attack to obtain the user key and even break into the whole storage tree of user keys.; The Trusted Platform Module (TPM) is a dedicated hardware chip designed to provide a higher level of security for computing platform. All TPM functionalities are implemented in TPM commands to achieve specific security goals. We attempt to analyze the security properties of these commands, especially the key management API. Our study utilizes applied pi calculus to formalize the commands and determine how their security properties affect TPM key management. The attacker is assumed to call TPM commands without bounds and without knowing the TPM root key, expecting to obtain or replace the user key. The analysis goal in our study is to guarantee the corresponding property of API execution and the integrity of API data. We analyze the security properties of TPM commands with a process reduction method, identify the key-handle hijack attack on a TPM newly created key, and propose reasonable solutions to solve the problem. Then, we conduct an experiment involving a key-handle attack, which successfully replaces a user key with an attacker's key using malicious TPM software. This paper discloses the weakness of the relationship between the key handle and the key object. After the TPM software stack is compromised, the attacker can launch a key-handle attack to obtain the user key and even break into the whole storage tree of user keys.
收录类别SCI
关键词Trusted Computing Tpm Tpm Command Applied Pi Calculus Api Analysis
部门归属Qin Yu; Zhao Shijun; Zhang Qianying Chinese Acad Sci Inst Software Beijing 100190 Peoples R China.
学科领域Telecommunications
资助者National Natural Science Foundation of China 91118006, 61202414; Knowledge Innovation Project of Chinese Academy of Science ISCAS2009-DR14
语种英语
WOS记录号WOS:000310670600010
引用统计
内容类型期刊论文
URI标识http://ir.iscas.ac.cn/handle/311060/15062
专题中国科学院软件研究所
推荐引用方式
GB/T 7714
Qin Yu,Zhao Shijun,Zhang Qianying. formal analysis of trusted platform module commands for compromising user key[J]. CHINA COMMUNICATIONS,2012,9(10):91-102.
APA Qin Yu,Zhao Shijun,&Zhang Qianying.(2012).formal analysis of trusted platform module commands for compromising user key.CHINA COMMUNICATIONS,9(10),91-102.
MLA Qin Yu,et al."formal analysis of trusted platform module commands for compromising user key".CHINA COMMUNICATIONS 9.10(2012):91-102.
条目包含的文件
条目无相关文件。
个性服务
推荐该条目
保存到收藏夹
查看访问统计
导出为Endnote文件
谷歌学术
谷歌学术中相似的文章
[Qin Yu]的文章
[Zhao Shijun]的文章
[Zhang Qianying]的文章
百度学术
百度学术中相似的文章
[Qin Yu]的文章
[Zhao Shijun]的文章
[Zhang Qianying]的文章
必应学术
必应学术中相似的文章
[Qin Yu]的文章
[Zhao Shijun]的文章
[Zhang Qianying]的文章
相关权益政策
暂无数据
收藏/分享
所有评论 (0)
暂无评论
 

除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。