Type-Based Analysis of Protected Storage in the TPM

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8233)


The Trusted Platform Module (TPM) is designed to enable trustworthy computation and communication over open networks. The TPM provides a way to store cryptographic keys and other sensitive values in its shielded memory and act as Root of Trust for Storage (RTS). The TPM interacts with applications via a predefined set of commands (an API). In this paper, we give an abstraction model for the TPM 2.0 specification concentrating on Protected Storage part. With identification and formalization of their secrecy properties, we devise a type system with asymmetric cryptographic primitives to statically enforce and prove their security.


TPM Trusted computing Type system API analysis 


  1. 1.
    Abadi, M., Blanchet, B.: Secrecy types for asymmetric communication. Theoretical Computer Science 298(3), 387–415 (2003); In: Honsell, F., Miculan, M. (eds.) FOSSACS 2001. LNCS, vol. 2030, pp. 25–41. Springer, Heidelberg (2001)Google Scholar
  2. 2.
    Backes, M., Maffei, M., Unruh, D.: Zero-knowledge in the applied pi-calculus and automated verification of the direct anonymous attestation protocol. In: IEEE Symposium on Security and Privacy 2008, pp. 202–215 (2008)Google Scholar
  3. 3.
    Bruschi, D., Cavallaro, L., Lanzi, A., Monga, M.: Replay attack in TCG specification and solution. In: Proceedings of ACSAC 2005, Tucson, AZ (USA), vol. 10, pp. 127–137. ACSA, IEEE Computer Society (December 2005)Google Scholar
  4. 4.
    Centenaro, M., Focardi, R., Luccio, F.L.: Type-based analysis of PKCS#11 key management. In: Degano, P., Guttman, J.D. (eds.) Principles of Security and Trust. LNCS, vol. 7215, pp. 349–368. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  5. 5.
    Chen, L., Ryan, M.: Offline dictionary attack on TCG TPM weak authorisation data, and solution. In: Gawrock, D., Reimer, H., Sadeghi, A.-R., Vishik, C. (eds.) Future of Trust in Computing, pp. 193–196. Vieweg Teubner (2009)Google Scholar
  6. 6.
    Chen, L., Ryan, M.: Attack, solution and verification for shared authorisation data in TCG TPM. In: Degano, P., Guttman, J.D. (eds.) FAST 2009. LNCS, vol. 5983, pp. 201–216. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  7. 7.
    Delaune, S., Kremer, S., Ryan, M.D., Steel, G.: A formal analysis of authentication in the TPM. In: Degano, P., Etalle, S., Guttman, J. (eds.) FAST 2010. LNCS, vol. 6561, pp. 111–125. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  8. 8.
    Focardi, R., Maffei, M.: Types for Security Protocols. In: Formal Models and Techniques for Analyzing Security Protocol, vol. 5, ch. 7, pp. 143–181. IOS Press (2010)Google Scholar
  9. 9.
    Gürgens, S., Rudolph, C., Scheuermann, D., Atts, M., Plaga, R.: Security evaluation of scenarios based on the TCG’s TPM specification. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 438–453. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  10. 10.
    Lin, A.H., Rivest, R.L., Lin, A.H.: Automated analysis of security APIs. Technical report, MIT (2005)Google Scholar
  11. 11.
    ISO/IEC PAS DIS 11889: Information technology –Security techniques – Trusted Platform ModuleGoogle Scholar
  12. 12.
    Trusted Computing Group. TPM Specification version 1.2. Parts 1–3, revision,
  13. 13.
    Keighren, G., Aspinall, D., Steel, G.: Towards a Type System for Security APIs. In: Degano, P., Viganò, L. (eds.) ARSPA-WITS 2009. LNCS, vol. 5511, pp. 173–192. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  14. 14.
    Centenaro, M., Focardi, R., Luccio, F.L., Steel, G.: Type-based analysis of PIN processing APIs. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 53–68. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  15. 15.
    Trusted Computing Group. TPM Specification version 2.0. Parts 1–4, revision,
  16. 16.
    Shao, J., Feng, D., Qin, Y.: Type-Based Analysis of Protected Storage in the TPM (full version). Cryptology ePrint Archive (2013),

Copyright information

© Springer International Publishing Switzerland 2013

Authors and Affiliations

  1. 1.Trusted Computing and Information Assurance Laboratory, Institute of SoftwareChinese Academy of SciencesChina

Personalised recommendations