Skip to main content
SpringerLink
Log in

Automatic Analysis of Security Properties of the TPM

  • Conference paper
Book cover Trusted Systems (INTRUST 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7711))

Included in the following conference series:

  • 702 Accesses

The TPM and Some Attacks

The trusted platform module (TPM) is a hardware chip designed to enable commodity computers to achieve greater levels of security than is possible in software alone. There are 300 million TPMs currently in existence, mostly in highend laptops, but now increasingly in desktops and servers. Application software such as Microsoft’s BitLocker and HP’s ProtectTools use the TPM in order to guarantee security properties. The TPM specification is an industry standard [1] and an ISO/IEC standard [2] co-ordinated by the Trusted Computing Group.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 54.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 72.00
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Trusted Computing Group: TPM Specification version 1.2. Parts 1–3 (2007), http://www.trustedcomputinggroup.org/resources/tpm_main_specification

  2. ISO/IEC: ISO/IEC PAS DIS 11889: Information technology – Security techniques – Trusted platform module

    Google Scholar 

  3. Gürgens, S., Rudolph, C., Scheuermann, D., Atts, M., Plaga, R.: Security Evaluation of Scenarios Based on the TCG’s TPM Specification. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 438–453. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  4. Chen, L., Ryan, M.D.: Offline dictionary attack on TCG TPM weak authorisation data, and solution. In: Grawrock, D., Reimer, H., Sadeghi, A., Vishik, C. (eds.) Future of Trust in Computing. Vieweg & Teubner (2008)

    Google Scholar 

  5. Chen, L., Ryan, M.D.: Attack, Solution and Verification for Shared Authorisation Data in TCG TPM. In: Degano, P., Guttman, J.D. (eds.) FAST 2009. LNCS, vol. 5983, pp. 201–216. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  6. Bruschi, D., Cavallaro, L., Lanzi, A., Monga, M.: Replay attack in TCG specification and solution. In: ACSAC 2005: Proceedings of the 21st Annual Computer Security Applications Conference, pp. 127–137. IEEE Computer Society, Washington, DC (2005)

    Google Scholar 

  7. Blanchet, B.: An efficient cryptographic protocol verifier based on Prolog rules. In: Schneider, S. (ed.) 14th IEEE Computer Security Foundations Workshop, pp. 82–96. IEEE Computer Society Press, Cape Breton (2001)

    Chapter  Google Scholar 

  8. Delaune, S., Kremer, S., Ryan, M.D., Steel, G.: A Formal Analysis of Authentication in the TPM. In: Degano, P., Etalle, S., Guttman, J. D. (eds.) FAST 2010. LNCS, vol. 6561, pp. 111–125. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  9. Delaune, S., Kremer, S., Ryan, M.D., Steel, G.: Formal analysis of protocols based on TPM state registers. In: [16], pp. 66–80

    Google Scholar 

  10. Weidenbach, C.: Towards an Automatic Analysis of Security Protocols in First-Order Logic. In: Ganzinger, H. (ed.) CADE 1999. LNCS (LNAI), vol. 1632, pp. 314–328. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  11. Microsoft: BitLocker FAQ, http://technet.microsoft.com/en-us/library/ee449438WS.10.aspx

  12. Ables, K., Ryan, M.D.: Escrowed Data and the Digital Envelope. In: Acquisti, A., Smith, S.W., Sadeghi, A.-R. (eds.) TRUST 2010. LNCS, vol. 6101, pp. 246–256. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  13. Arapinis, M., Ritter, E., Ryan, M.D.: StatVerif: Verification of stateful processes. In: [16], pp. 33–47

    Google Scholar 

  14. Xu, S., Batten, I., Ryan, M.: Dynamic measurement and protected execution: model and analysis. Paper in Preparation

    Google Scholar 

  15. McCune, J.M., Parno, B., Perrig, A., Reiter, M.K., Isozaki, H.: Flicker: An execution infrastructure for tcb minimization. In: Proceedings of the ACM European Conference in Computer Systems (EuroSys) (April 2008)

    Google Scholar 

  16. Proceedings of the 24th IEEE Computer Security Foundations Symposium, CSF 2011, June 27-29, IEEE Computer Society, Cernay-la-Ville, France (2011)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer Science, University of Birmingham, UK

    Mark D. Ryan

Authors
  1. Mark D. Ryan
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Information Security Group, University of London, Royal Holloway, TW20 0EX, Egham, Surrey, UK

    Chris J. Mitchell  & Allan Tomlinson  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ryan, M.D. (2012). Automatic Analysis of Security Properties of the TPM. In: Mitchell, C.J., Tomlinson, A. (eds) Trusted Systems. INTRUST 2012. Lecture Notes in Computer Science, vol 7711. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35371-0_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-35371-0_1

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-35370-3

  • Online ISBN: 978-3-642-35371-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation