Attack, solution and verification for shared authorisation data in TCG TPM

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 5983 LNCS, Issue , 2010, Pages 201-216

  Chen, Liqun ^a   Ryan, Mark ^b  

^a HEWLETT PACKARD LABORATORIES   (United Kingdom)

^b UNIVERSITY OF BIRMINGHAM   (United Kingdom)

Author keywords

[No Author keywords available]

Indexed keywords

IMPERSONATION ATTACK; NEW PROTOCOL; SECRECY PROPERTIES; SECURE STORAGE; SESSION KEY; TRUSTED PLATFORM MODULE;

THERMOELECTRIC POWER;

EID: 77953274755     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-12459-4_15     Document Type: Conference Paper

References (14)

1. ISO/IEC 11770-4: Information technology - Security techniques - Key management - Part 4: Mechanisms based on weak secrets
2. ISO/IEC 18033-2: Information technology - Security techniques - Encryption algorithms - Part 2: Asymmetric ciphers
3. ISO/IEC 18033-3: Information technology - Security techniques - Encryption algorithms - Part 3: Block ciphers
4. ISO/IEC 19772: Information technology - Security techniques - Authenticated encryption
5. ISO/IEC 9797-2: Information technology - Security techniques - Message authentication codes (MACs) - Part 2: Mechanisms using a dedicated hash-function
6. ISO/IEC, P.D.: 11889: Information technology - Security techniques - Trusted platform module
7. Ables, K.: An attack on key delegation in the trusted platform module (first semester mini-project in computer security). Master's thesis, School of Computer Science, University of Birmingham (2009)
8. Blanchet, B.: An efficient cryptographic protocol verifier based on prolog rules. In: Schneider, S. (ed.) 14th IEEE Computer Security Foundations Workshop, Cape Breton, Nova Scotia, Canada, June 2001, pp. 82-96. IEEE Computer Society Press, Los Alamitos (2001)
9. Blanchet, B.: ProVerif: Automatic Cryptographic Protocol Verifier User Manual (2008)
10. Bruschi, D., Cavallaro, L., Lanzi, A., Monga, M.: Replay attack in TCG specification and solution. In: ACSAC 2005: Proceedings of the 21st Annual Computer Security Applications Conference, pp. 127-137. IEEE Computer Society, Los Alamitos (2005) (Pubitemid 46116470)
11. Chen, L., Ryan, M.D.: Offline dictionary attack on TCG TPM weak authorisation data, and solution. In: Grawrock, D., Reimer, H., Sadeghi, A., Vishik, C. (eds.) Future of Trust in Computing. Vieweg & Teubner (2008)
12. Gürgens, S., Rudolph, C., Scheuermann, D., Atts, M., Plaga, R.: Security evaluation of scenarios based on the TCG's TPM specification. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 438-453. Springer, Heidelberg (2007)
13. Lin, A.H.: Automated Analysis of Security APIs. Master's thesis, MIT (2005), http://sdg.csail.mit.edu/pubs/theses/amerson-masters.pdf
14. Trusted Computing Group. TPM Specification version 1.2. Parts 1-3 (2007), http://www.trustedcomputinggroup.org/specs/TPM/