Abstract
The Trusted Platform Module (TPM) is designed to enable trustworthy computation and communication over open networks. The TPM provides a way to store cryptographic keys and other sensitive values in its shielded memory and act as Root of Trust for Storage (RTS). The TPM interacts with applications via a predefined set of commands (an API). In this paper, we give an abstraction model for the TPM 2.0 specification concentrating on Protected Storage part. With identification and formalization of their secrecy properties, we devise a type system with asymmetric cryptographic primitives to statically enforce and prove their security.
Chapter PDF
Similar content being viewed by others
References
Abadi, M., Blanchet, B.: Secrecy types for asymmetric communication. Theoretical Computer Science 298(3), 387–415 (2003); In: Honsell, F., Miculan, M. (eds.) FOSSACS 2001. LNCS, vol. 2030, pp. 25–41. Springer, Heidelberg (2001)
Backes, M., Maffei, M., Unruh, D.: Zero-knowledge in the applied pi-calculus and automated verification of the direct anonymous attestation protocol. In: IEEE Symposium on Security and Privacy 2008, pp. 202–215 (2008)
Bruschi, D., Cavallaro, L., Lanzi, A., Monga, M.: Replay attack in TCG specification and solution. In: Proceedings of ACSAC 2005, Tucson, AZ (USA), vol. 10, pp. 127–137. ACSA, IEEE Computer Society (December 2005)
Centenaro, M., Focardi, R., Luccio, F.L.: Type-based analysis of PKCS#11 key management. In: Degano, P., Guttman, J.D. (eds.) Principles of Security and Trust. LNCS, vol. 7215, pp. 349–368. Springer, Heidelberg (2012)
Chen, L., Ryan, M.: Offline dictionary attack on TCG TPM weak authorisation data, and solution. In: Gawrock, D., Reimer, H., Sadeghi, A.-R., Vishik, C. (eds.) Future of Trust in Computing, pp. 193–196. Vieweg Teubner (2009)
Chen, L., Ryan, M.: Attack, solution and verification for shared authorisation data in TCG TPM. In: Degano, P., Guttman, J.D. (eds.) FAST 2009. LNCS, vol. 5983, pp. 201–216. Springer, Heidelberg (2010)
Delaune, S., Kremer, S., Ryan, M.D., Steel, G.: A formal analysis of authentication in the TPM. In: Degano, P., Etalle, S., Guttman, J. (eds.) FAST 2010. LNCS, vol. 6561, pp. 111–125. Springer, Heidelberg (2011)
Focardi, R., Maffei, M.: Types for Security Protocols. In: Formal Models and Techniques for Analyzing Security Protocol, vol. 5, ch. 7, pp. 143–181. IOS Press (2010)
Gürgens, S., Rudolph, C., Scheuermann, D., Atts, M., Plaga, R.: Security evaluation of scenarios based on the TCG’s TPM specification. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 438–453. Springer, Heidelberg (2007)
Lin, A.H., Rivest, R.L., Lin, A.H.: Automated analysis of security APIs. Technical report, MIT (2005)
ISO/IEC PAS DIS 11889: Information technology –Security techniques – Trusted Platform Module
Trusted Computing Group. TPM Specification version 1.2. Parts 1–3, revision, http://www.trustedcomputinggroup.org/resources/tpm_main_specification
Keighren, G., Aspinall, D., Steel, G.: Towards a Type System for Security APIs. In: Degano, P., Viganò, L. (eds.) ARSPA-WITS 2009. LNCS, vol. 5511, pp. 173–192. Springer, Heidelberg (2009)
Centenaro, M., Focardi, R., Luccio, F.L., Steel, G.: Type-based analysis of PIN processing APIs. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 53–68. Springer, Heidelberg (2009)
Trusted Computing Group. TPM Specification version 2.0. Parts 1–4, revision, http://www.trustedcomputinggroup.org/resources/tpm_main_specification
Shao, J., Feng, D., Qin, Y.: Type-Based Analysis of Protected Storage in the TPM (full version). Cryptology ePrint Archive (2013), http://eprint.iacr.org/2013/501
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer International Publishing Switzerland
About this paper
Cite this paper
Shao, J., Feng, D., Qin, Y. (2013). Type-Based Analysis of Protected Storage in the TPM. In: Qing, S., Zhou, J., Liu, D. (eds) Information and Communications Security. ICICS 2013. Lecture Notes in Computer Science, vol 8233. Springer, Cham. https://doi.org/10.1007/978-3-319-02726-5_11
Download citation
DOI: https://doi.org/10.1007/978-3-319-02726-5_11
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-02725-8
Online ISBN: 978-3-319-02726-5
eBook Packages: Computer ScienceComputer Science (R0)