bit-tech.net

TPM security cracked wide open

The Trusted Platform Module is perhaps a little less trustworthy today, following Christopher Tarnovsky's discovery of a physical attack vector.

The previously unassailable Trusted Platform Module - designed to provide cryptographic security to data held on servers and PCs - has been cracked by a California-based hacker.

According to a report in the New Zealand Herald - via Hack a Day - security consultant Christopher Tarnovsky has worked out a way to convince the TPM chip to give up its closely-held secrets.

Revealed at the 2010 Black Hat conference, the hack isn't exactly straightforward: it relies on having both physical access to a TPM-secured machine, and on having a great deal of experience with the physical hacking of semiconductors - something Tarnovsky has in spades.

The process is similar to the way Tarnovsky has cracked other security chips in the past: starting by soaking the chip in acid to dissolve the plastic casing, Tarnovsky then carefully removes the RF-protective mesh to get at the wiring at the heart of the chip. Once exposed, a logic probe with an extremely small needle allows him to find the relevant communication channel - and from there set up a digital eavesdrop.

While it's hardly straightforward, the 'wiretap' allows Tarnovsky to read the instructions used to actually perform the cryptography within the chip - and thus reverse them, allowing for a full bypass of the security the Trusted Platform Module was designed to provide.

Tarnovsky's work involved the Infineon-manufactured TPM chips, one of the most popular models on the market - with modified versions finding their way into set top boxes, Microsoft's Xbox 360 console, and certain smartphones - but the hacker claims that his techniques can be applied to any model of TPM chip with similar success.

For its part, the Trusted Computing Group - behind the Trusted Platform Module - downplays the seriousness of the attack, stating that it is "exceedingly difficult to replicate in a real-world environment" and that it "never claimed that a physical attack - given enough time, specialised equipment, know-how and money - was impossible."

One thing is for certain: with the Black Hat conference's founder - and member of the US Department of Homeland Security's advisory council - Jeff Moss describing the attack as "amazing" and akin to prying open the lock on Pandora's Box, there's likely to be a lot of security professionals experiencing a few sleepless nights once Tarnovsky's presentation is released to the public.

Are you surprised to see the 'uncrackable' TPM laid bare in this manner, or is it such a ridiculous method of attack that no-one need worry? Share your thoughts over in the forums.

17 Comments

Digi 10th February 2010, 15:34
Depends if he can apply what he learned on how it encrypts to make software that will do it I guess. But I always love seeing these stories, learn something new every time.
mjm25 10th February 2010, 15:53
Clever clever guy... and I suspect the most steady hands you've ever seen! He should be a darts player. Probably.
mclean007 10th February 2010, 16:04
Interesting...

Having cracked one chip, does that mean he has cracked the entire TPM system, or just that particular model of chip, or just that individual chip? If the latter, not much to worry about; if the entire platform is now compromised, however, it's time to retire it.
cjmUK 10th February 2010, 16:13
So basically, providing you don't store nuclear secrets on your PC, TPM will continue to be sufficient for your needs.

If someone manages to gain physical access to the machine, take apart the TPM chip, and use a logic probe to digitally eavesdrop, I'd say they are more than welcome to the data on my machine...
FeRaL 10th February 2010, 17:43
Not to sound too negative but, you guys could have done a little research on something as big as this is instead of adding to the sensationalism of it. A little more research would have revealed some more specifics, like that he had to use an electron microscope to pull this hack off.

BTW this news broke sometime last week... http://mcpmag.com/articles/2010/02/03/black-hat-engineer-cracks-tpm-chip.aspx
Neophyte4Life 10th February 2010, 18:54
I thought this was just assumed since the inception of the TPM chip. When I first learned about it, I was told that it could be cracked with physical access to the chip. This same concept applies with encryption. Your stuff might be safe from digital access but a cold boot attack can retrieve encryption keys. We are putting so much focus on the digital aspects of security that we forget about physical access. Put the freakin' thing in a steel vault and for the love of God man lock the door. Problem solved.
Phil Rhodes 10th February 2010, 19:17
I'm not sure why this is really news. Yes, obviously, if you're going to go to the lengths of etching the casing off the thing and firing a logic analyser at it, then yes, you can find out what it does and how it does so.

I'm sure this was indeed assumed since the inception of the TPM chip. All systems like this, from DVD to Blu-Ray to whatever else, where you need to let the person decode the content, are ultimately open to compromise because you must give the user both the encoded material and the means to decode it. The people who design these systems know this. What they're interested in is keeping the amount of compromises down to a bare minimum.

What's important is that this only really has to be done once in order to produce devices you could either piggyback on top of a compatible device, or produce a replacement device, and circumvent the entire floor show. And it has now been done once.

P
shanky887614 10th February 2010, 19:26
Quote:
Originally Posted by Neophyte4Life
I thought this was just assumed since the inception of the TPM chip. When I first learned about it, I was told that it could be cracked with physical access to the chip. This same concept applies with encryption. Your stuff might be safe from digital access but a cold boot attack can retrieve encryption keys. We are putting so much focus on the digital aspects of security that we forget about physical access. Put the freakin' thing in a steel vault and for the love of God man lock the door. Problem solved.

Do you know safes can be cracked? (In America, for example, they all have those stupid flat keys like you get on padlocks and you just get a bump key (done a key to nearly every home in America).) (This is just a guess as I have never been to America and have never seen one, only ever heard about it.)
Saivert 10th February 2010, 19:45
Picking locks is just down the alley from this. Some of the computer hackers are also gifted lock pickers.
Sparrowhawk 10th February 2010, 19:56
Quote:
Originally Posted by Saivert
Picking locks is just down the alley from this. Some of the computer hackers are also gifted lock pickers.

Indeed. Some of MIT's best are now picking locks, too.
Neophyte4Life 10th February 2010, 21:11
Quote:
Originally Posted by shanky887614
Do you know safes can be cracked? (In America, for example, they all have those stupid flat keys like you get on padlocks and you just get a bump key (done a key to nearly every home in America).) (This is just a guess as I have never been to America and have never seen one, only ever heard about it.)

Hire Gordon Freeman, Master Chief, and Nomad in conjunction with the safe. Now it is foolproof.
dark_avenger 10th February 2010, 23:58
It may be a very hard hack to redo, but now that he has access to the chip, the reverse engineering of the chip can begin to find easier ways of hacking it.
Lazarus Dark 11th February 2010, 00:14
Aww. You had my hopes up. TPM is a vile platform and I've longed for its demise since before the first chips were produced...

But unless this physical hack can somehow lead to a software hack, then its only use is if you happen to come into possession of a computer you're sure has valuable secrets.
dec 11th February 2010, 03:07
No matter how much code you write it still can't stop acid... until the code turns into Skynet.
paisa666 11th February 2010, 16:20
I'd rather ask who's in charge of that server, kidnap the guy and punch the heck out of him till he gives me the codes.

I assure you it's a faster and more effective method :)
livesabitch 12th February 2010, 03:16
Quote:
Originally Posted by paisa666
I'd rather ask who's in charge of that server, kidnap the guy and punch the heck out of him till he gives me the codes.

I assure you it's a faster and more effective method :)

AGREED! :-P
thehippoz 12th February 2010, 03:44
=] Nice.. some engineer is doing a face plant right now - into some security guard's ass as the boss goes Ballmer on him.