Content deleted Content added
→Attacks: Putting them in a better (more temporal) order |
→Attacks: adding an attack and its reference |
||
Line 165:
In case of physical access, computers with TPM are vulnerable to [[cold boot attack]]s as long as the system is on or can be booted without a passphrase from shutdown or [[Hibernation (computing)|hibernation]], which is the default setup for Windows computers with BitLocker full disk encryption.<ref>{{cite podcast|url=https://blog.f-secure.com/podcast-reinventing-cold-boot-attack/ | title=Episode 14 Reinventing the Cold Boot Attack: Modern Laptop Version | host=Melissa Michael | publisher=F-Secure Blog | date=8 October 2018 | access-date=28 September 2019|archive-url=https://web.archive.org/web/20190928091354/https://blog.f-secure.com/podcast-reinventing-cold-boot-attack/|archive-date=28 September 2019|url-status=live}}</ref>
In 2009, the concept of shared authorisation data in TPM 1.2 was found to be flawed. An adversary given access to the data could spoof responses from the TPM.<ref name=sharedauth>{{cite conference
| title= Attack, solution and verification for shared authorisation data in TCG TPM
| last1=Chen
| first1=Liqun
| last2=Ryan
| first2=Mark
| date=2009
| publisher=LNCS Springer
| conference=Sixth International Workshop on Formal Aspects in Security and Trust (FAST'09)
}}</ref> A fix was proposed, which has been adopted in the specifications for TPM 2.0.
In 2015 as part of the [[Global surveillance disclosures (2013–present)|Snowden revelations]], it was revealed that in 2010 a [[Central Intelligence Agency|US CIA]] team claimed at an internal conference to have carried out a [[Power analysis|differential power analysis]] attack against TPMs that was able to extract secrets.<ref>{{Cite web|url=https://theintercept.com/2015/03/10/ispy-cia-campaign-steal-apples-secrets/|title=The CIA Campaign to Steal Apple's Secrets | last1=Scahill|first1=Jeremy ScahillJosh BegleyJeremy | last2=Begley | first2=Josh| publisher=The Intercept|access-date=August 10, 2017|date=March 10, 2015|archive-date=August 9, 2017|archive-url=https://web.archive.org/web/20170809064512/https://theintercept.com/2015/03/10/ispy-cia-campaign-steal-apples-secrets/|url-status=live}}</ref><ref>{{Cite news|url=https://theintercept.com/document/2015/03/10/tpm-vulnerabilities-power-analysis-exposed-exploit-bitlocker/ | title=TPM Vulnerabilities to Power Analysis and An Exposed Exploit to Bitlocker – The Intercept | work=The Intercept|access-date=August 10, 2017|language=en-US|archive-date=July 9, 2017 | archive-url=https://web.archive.org/web/20170709222530/https://theintercept.com/document/2015/03/10/tpm-vulnerabilities-power-analysis-exposed-exploit-bitlocker/|url-status=live}}</ref>
| |||