%T A Security Assessment of Trusted Platform Modules
%A Evan R. Sparks
%R Technical Report TR2007-597
%I Dartmouth College, Computer Science
%C Hanover, NH
%D June 2007
%U http://www.cs.dartmouth.edu/reports/TR2007-597.ps.Z
%X
 Trusted Platform Modules (TPMs) are becoming ubiquitous devices included
 in newly released personal computers. Broadly speaking, the aim
 of this technology is to provide a facility for authenticating the platform on
 which they are running: they are able to measure attest to the authenticity
 of a hardware and software configuration. Designed to be cheap, commodity
 devices which motherboard and processor vendors can include in
 their products with minimal marginal cost, these devices have a good theoretical
 design. Unfortunately, there exist several practical constraints on
 the effectiveness of TPMs and the architectures which employ them which
 leave them open to attack. We demonstrate some hardware and software attacks
 against these devices and architectures. These attacks include Time of
 Check/Time of Use attacks on the Integrity Measurment Architecture, and a
 bus attack against the Low Pin Count bus. Further, we explore the possibility
 of side-channel attacks against TPMs.
%Z
 Senior Honors Thesis.
 Advisor: Sean Smith.