Two projects about Trusted Computing

• King Ables. An alleged attack on key delegation in the Trusted Platform Module. 2009.

The Trusted Platform Module (TPM) is a chip that provides hardware-based cryptographic functions in an effort to create a more trustworthy environment that is not vulnerable to malware or intentional misuse. The TPM is found in most Intel-based computers manufactured today. It is specified by the Trusted Computing Group (TCG) and manufactured by many different companies.

In his Master's thesis, Amerson Lin describes a potential weakness in the specification of the TPM, which he discovered during automated analysis of the TPM's API. This vulnerability is examined as a potential attack on the TPM. Lin alleges that the flaw means the TPM is susceptible to a key handle switching attack, which can be used to gain illegitimate access to a key while using a different key legitimately.

To execute the attack, modifications to TPM/J (a Java API for the TPM) were required. The capability to create delegated keys and establish the special type of transport session necessary to use them is not included in the current release of TPM/J (nor in any of the other tools that were considered). After TPM/J was extended to support these functions, the attack itself was developed. When executed, the attack ultimately failed and the TPM correctly denied access to the key.

Source code:

• tpm-attack-1.0-2-src.tar.bz2

In order to compile the source code you will need a Java Development Kit (JDK). The 'ant' build tool is also helpful, but not essential. These should be available through your operating system's package manager, or you can get them from Sun's website.

Alternatively, you can try out the pre-compiled version:

• tpm-attack-1.0-2-noarch.tar.bz2

Note

Due to the nature of the software, it can only work on computers with a Trusted Platform Module (TPM).