Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
IFIP
2009
Springer
2009
Springer
Attack, Solution and Verification for Shared Authorisation Data in TCG TPM
The Trusted Platform Module (TPM) is a hardware chip designed to enable computers achieve greater security. Proof of possession of authorisation values known as authdata is required by user processes in order to use TPM keys. If a group of users are to be authorised to use a key, then the authdata for the key may be shared among them. We show that sharing authdata between users allows a TPM impersonation attack, which enables an attacker to completely usurp the secure storage of the TPM. The TPM has a notion of encrypted transport session, but it does not fully solve the problem we identify. We propose a new authorisation protocol for the TPM, which we call Session Key Authorisation Protocol (SKAP). It generalises and replaces the existing authorisation protocols (OIAP and OSAP). It allows authdata to be shared without the possibility of the impersonation attack, and it solves some other problems associated with OIAP and OSAP. We analyse the old and the new protocols using ProVerif. Au...
Real-time TrafficAuthorisation Protocols | IFIP 2009 | Impersonation Attack | Programming Languages | TPM Impersonation Attack |
| Added | 19 Feb 2011 |
| Updated | 19 Feb 2011 |
| Type | Journal |
| Year | 2009 |
| Where | IFIP |
| Authors | Liqun Chen, Mark Ryan |
Comments (0)
Researcher Info
|
