Dartmouth College Computer Science Technical Report series |
Abstract:
Trusted Platform Modules (TPMs) are becoming ubiquitous devices included in newly released personal computers. Broadly speaking, the aim of this technology is to provide a facility for authenticating the platform on which the TPM is running: these devices are able to measure, and attest to, the authenticity of a hardware and software configuration. Designed to be cheap, commodity devices which motherboard and processor vendors can include in their products with minimal marginal cost, these devices have a good theoretical design. Unfortunately, there exist several practical constraints on the effectiveness of TPMs, and of the architectures which employ them, which leave them open to attack. We demonstrate some hardware and software attacks against these devices and architectures. These attacks include Time of Check/Time of Use attacks on the Integrity Measurement Architecture, and a bus attack against the Low Pin Count bus. Further, we explore the possibility of side-channel attacks against TPMs.
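The abstract's two central ideas, measurement-based attestation and the Time of Check/Time of Use gap that the thesis exploits against the Integrity Measurement Architecture, are shown below in a small simulation. This is an added illustration, not code from the thesis or from the Linux IMA implementation: it models a TPM 1.2 style SHA-1 PCR extend, a measurement log, and a verifier that replays the log against a quoted PCR. The file contents, file name and the in-memory "filesystem" are constructed for the demonstration, and the simplified IMA model (one measurement per file, no re-measurement on later opens) is an assumption made to keep the race visible; it does not reproduce the specific attack steps of the thesis.

```python
import hashlib

PCR_INIT = b"\x00" * 20  # TPM 1.2 PCRs are 20-byte SHA-1 registers, zeroed at reset


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM 1.2 extend: PCR_new = SHA1(PCR_old || measurement). One-way and order-dependent."""
    return hashlib.sha1(pcr + measurement).digest()


def measure(content: bytes) -> bytes:
    """Measurement of a file is the SHA-1 of its contents (IMA's original hash algorithm)."""
    return hashlib.sha1(content).digest()


class SimulatedIMA:
    """Toy model of a measurement agent (assumption: measures each file once, at check time)."""

    def __init__(self) -> None:
        self.pcr = PCR_INIT
        self.log = []  # list of (path, measurement) entries, as an IMA log would record

    def measure_file(self, path: str, content: bytes) -> bytes:
        digest = measure(content)
        self.log.append((path, digest))
        self.pcr = pcr_extend(self.pcr, digest)  # extend into the PCR via the TPM
        return digest


def verify_quote(quoted_pcr: bytes, log: list) -> bool:
    """Remote verifier: replay the measurement log and compare with the quoted PCR value."""
    expected = PCR_INIT
    for _path, digest in log:
        expected = pcr_extend(expected, digest)
    return expected == quoted_pcr


def toctou_demo() -> dict:
    """Measure a file (time of check), alter it, then use it (time of use)."""
    filesystem = {"/bin/tool": b"benign tool v1"}  # constructed sample content
    ima = SimulatedIMA()

    # Time of check: the agent hashes the file and extends the PCR.
    ima.measure_file("/bin/tool", filesystem["/bin/tool"])

    # The window: the file changes after measurement but before execution.
    filesystem["/bin/tool"] = b"tampered tool"  # constructed attacker modification

    # Time of use: what actually runs is the modified content.
    executed = filesystem["/bin/tool"]

    # The quote still verifies, because the log and PCR are internally consistent...
    quote_verifies = verify_quote(ima.pcr, ima.log)
    # ...but the logged hash no longer describes what ran.
    log_matches_executed = ima.log[-1][1] == measure(executed)

    return {
        "quote_verifies": quote_verifies,
        "log_matches_executed": log_matches_executed,
        "log_entries": len(ima.log),
    }


if __name__ == "__main__":
    result = toctou_demo()
    print("quote verifies:", result["quote_verifies"])          # True
    print("log matches executed code:", result["log_matches_executed"])  # False
```

The verifier's replay succeeds because attestation can only vouch for what was hashed at the moment of measurement; nothing in the PCR chain ties that hash to the bytes later loaded. Any measurement architecture has to close that window (for example by measuring on the same open that is used for loading, and re-measuring on change), which is exactly the gap a TOCTOU attack probes.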
Note:
Senior Honors Thesis.
Advisor: Sean Smith.
Bibliographic citation for this report:
Evan R. Sparks,
"A Security Assessment of Trusted Platform Modules."
Dartmouth Computer Science Technical Report TR2007-597,
June 2007.