Trusted Platform Module: Difference between revisions

Convert asterisk footnotes to efn/noteslist footnotes (never done this before, so here’s to hoping the preview didn’t lie and I did it right…) #article-section-source-editor
Tags: Mobile edit Mobile app edit iOS app edit
Nsuta (talk | contribs)
Attacks: Putting them in a better (more temporal) order
Line 163:
== Attacks ==
In 2010 [[Christopher Tarnovsky]] presented an attack against TPMs at [[Black Hat Briefings]], where he claimed to be able to extract secrets from a single TPM. He was able to do this after 6 months of work by inserting a probe and spying on an [[Bus (computing)|internal bus]] for the Infineon SLE 66 CL PC.<ref>{{Cite web|url=https://www.networkworld.com/news/2010/020210-black-hat-processor-security.html|title=Black Hat: Researcher claims hack of processor used to secure Xbox 360, other products|date=January 30, 2012|access-date=August 10, 2017|url-status=bot: unknown|archive-url=https://web.archive.org/web/20120130095246/https://www.networkworld.com/news/2010/020210-black-hat-processor-security.html|archive-date=January 30, 2012}}</ref><ref>{{Cite web|url=https://hackaday.com/2010/02/09/tpm-crytography-cracked/|title=TPM crytography cracked|last=Szczys|first=Mike|date=February 9, 2010|website=HACKADAY|archive-url=https://web.archive.org/web/20100212050338/https://hackaday.com/2010/02/09/tpm-crytography-cracked/|archive-date=February 12, 2010}}</ref>
 
Given physical access, computers with a TPM are vulnerable to [[cold boot attack]]s as long as the system is on or can be booted without a passphrase from shutdown or [[Hibernation (computing)|hibernation]], which is the default setup for Windows computers with BitLocker full disk encryption.<ref>{{cite podcast|url=https://blog.f-secure.com/podcast-reinventing-cold-boot-attack/ | title=Episode 14 Reinventing the Cold Boot Attack: Modern Laptop Version | host=Melissa Michael | publisher=F-Secure Blog | date=8 October 2018 | access-date=28 September 2019|archive-url=https://web.archive.org/web/20190928091354/https://blog.f-secure.com/podcast-reinventing-cold-boot-attack/|archive-date=28 September 2019|url-status=live}}</ref>
 
In 2015, as part of the [[Global surveillance disclosures (2013–present)|Snowden revelations]], it was revealed that in 2010 a [[Central Intelligence Agency|US CIA]] team claimed at an internal conference to have carried out a [[Power analysis|differential power analysis]] attack against TPMs that was able to extract secrets.<ref>{{Cite web|url=https://theintercept.com/2015/03/10/ispy-cia-campaign-steal-apples-secrets/|title=The CIA Campaign to Steal Apple's Secrets | last1=Scahill|first1=Jeremy | last2=Begley | first2=Josh| publisher=The Intercept|access-date=August 10, 2017|date=March 10, 2015|archive-date=August 9, 2017|archive-url=https://web.archive.org/web/20170809064512/https://theintercept.com/2015/03/10/ispy-cia-campaign-steal-apples-secrets/|url-status=live}}</ref><ref>{{Cite news|url=https://theintercept.com/document/2015/03/10/tpm-vulnerabilities-power-analysis-exposed-exploit-bitlocker/ | title=TPM Vulnerabilities to Power Analysis and An Exposed Exploit to Bitlocker – The Intercept | work=The Intercept|access-date=August 10, 2017|language=en-US|archive-date=July 9, 2017 | archive-url=https://web.archive.org/web/20170709222530/https://theintercept.com/document/2015/03/10/tpm-vulnerabilities-power-analysis-exposed-exploit-bitlocker/|url-status=live}}</ref>
 
In 2018, a design flaw in the TPM 2.0 specification for the static root of trust for measurement (SRTM) was reported ({{CVE|2018-6622}}). It allows an adversary to reset and forge platform configuration registers (PCRs), which are designed to securely hold measurements of the software used to bootstrap a computer.<ref name=USENIX27>{{cite conference|url=https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-han.pdf|title=A Bad Dream: Subverting Trusted Platform Module While You Are Sleeping| last1=Seunghun| first1=Han| last2=Wook| first2=Shin | last3=Jun-Hyeok | first3=Park | last4=HyoungChun | first4=Kim|date=August 15–17, 2018 | publisher=USENIX Association | ___location=Baltimore, MD, USA|conference=27th USENIX Security Symposium | isbn=9781939133045 | archive-url=https://web.archive.org/web/20180820032203/https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-han.pdf | archive-date=20 August 2018 | url-status=live}}</ref> Fixing it requires hardware-specific firmware patches.<ref name=USENIX27 /> An attacker abuses power interrupts and TPM state restores to trick the TPM into believing that it is running on non-tampered components.<ref name=Bleeping>{{cite web | url=https://www.bleepingcomputer.com/news/security/researchers-detail-two-new-attacks-on-tpm-chips/ | title=Researchers Detail Two New Attacks on TPM Chips | first=Catalin | last=Cimpanu| publisher=Bleeping Computer | date=August 29, 2018|access-date=28 September 2019 | archive-url=https://web.archive.org/web/20181007062452/https://www.bleepingcomputer.com/news/security/researchers-detail-two-new-attacks-on-tpm-chips/|archive-date=7 October 2018|url-status=live}}</ref>
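The following added Python example (not from the article or the cited paper) illustrates why the ability to reset a PCR undermines measured boot: a PCR is a one-way, order-dependent hash chain, so an attestation verifier that replays the boot event log cannot tell a PCR rebuilt from its reset value with the expected digests apart from a genuine boot. The all-zero reset value, the function names and the boot components are assumptions constructed for the example.

```python
import hashlib

# Assumed reset value of a SHA-256 PCR used by the static root of trust (constructed example).
PCR_RESET = bytes(32)

def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """PCR extend: new = SHA-256(old || digest). One-way and order-dependent, so
    software cannot write a chosen value into a PCR; it can only extend it."""
    return hashlib.sha256(pcr + digest).digest()

def replay(event_log) -> bytes:
    """Recompute a PCR from a measured-boot event log, starting at the reset value.
    This is what an attestation verifier does to check a quoted PCR."""
    pcr = PCR_RESET
    for _name, digest in event_log:
        pcr = pcr_extend(pcr, digest)
    return pcr

def measure(blob: bytes) -> bytes:
    """Measurement of a boot component: its SHA-256 digest."""
    return hashlib.sha256(blob).digest()

# Constructed "golden" boot chain and the PCR value the verifier expects.
GOLDEN_LOG = [("firmware", measure(b"firmware v1")),
              ("bootloader", measure(b"bootloader v1")),
              ("kernel", measure(b"kernel v1"))]
GOLDEN_PCR = replay(GOLDEN_LOG)

def tampered_boot_pcr() -> bytes:
    """Without a reset, a modified kernel measured in place yields a PCR that can
    never be steered back to GOLDEN_PCR: the earlier extends are already in it."""
    log = GOLDEN_LOG[:2] + [("kernel", measure(b"kernel (modified)"))]
    return replay(log)

def pcr_after_reset_and_reextend(pcr_now: bytes) -> bytes:
    """Scenario described in the text: if the PCR can be returned to its reset
    value, re-extending the golden digests reproduces GOLDEN_PCR no matter what
    pcr_now recorded, so replay-based verification cannot detect the tampering."""
    del pcr_now  # the real history is discarded by the reset
    return replay(GOLDEN_LOG)

def verifier_accepts(quoted_pcr: bytes) -> bool:
    """Verifier decision: accept only the golden PCR value."""
    return quoted_pcr == GOLDEN_PCR
```

Because the forged value is indistinguishable from a genuine one, the defence has to prevent the reset itself, which is why the fix is firmware-level rather than a change to the verifier.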
 
Main [[tboot|Trusted Boot (tboot)]] distributions before November 2017 are affected by a dynamic root of trust for measurement (DRTM) attack ({{CVE|2017-16837}}), which affects computers that use [[Trusted Execution Technology|Intel's Trusted eXecution Technology (TXT)]] for the boot-up routine.<ref name=Bleeping />
 
 
In 2021, the Dolos Group showed an attack on a discrete TPM, where the TPM chip itself had some tamper resistance, but the other endpoints of its communication bus did not. They read a full-disk-encryption key as it was transmitted across the motherboard, and used it to decrypt the laptop's SSD.<ref>{{cite web |url=https://arstechnica.com/gadgets/2021/08/how-to-go-from-stolen-pc-to-network-intrusion-in-30-minutes/ |title=Trusted platform module security defeated in 30 minutes, no soldering required |date=August 3, 2021}}</ref>