Abstract
We present a Trusted Platform Module (TPM) application protocol that detects a certain man-in-the-middle attack in which an adversary captures a legitimate computing platform and replaces it with an imposter that forwards platform authentication challenges to the captive over a high-speed data link. This revised Cuckoo attack allows the imposter to satisfy a user’s query of platform integrity, tricking the user into divulging sensitive information to the imposter. Our protocol uses an ordinary smart card to verify the platform boot integrity through TPM quote requests, and to verify TPM proximity by measuring TPM tickstamp times required to answer the quotes. Quotes not answered in an expected amount of time may indicate the presence of an imposter’s data link, revealing the Cuckoo attack. We describe a timing model for the Cuckoo attack, and summarize experimental results that demonstrate the feasibility of using timing to detect the Cuckoo attack over practical levels of adversary link speeds.
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
Cite this paper
Fink, R.A., Sherman, A.T., Mitchell, A.O., Challener, D.C. (2011). Catching the Cuckoo: Verifying TPM Proximity Using a Quote Timing Side-Channel. In: McCune, J.M., Balacheff, B., Perrig, A., Sadeghi, AR., Sasse, A., Beres, Y. (eds) Trust and Trustworthy Computing. Trust 2011. Lecture Notes in Computer Science, vol 6740. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21599-5_22
DOI: https://doi.org/10.1007/978-3-642-21599-5_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-21598-8
Online ISBN: 978-3-642-21599-5
eBook Packages: Computer Science (R0)