DOI QR코드

DOI QR Code

An Off-line Dictionary Attack on Command Authorization in TPM and its Countermeasure

TPM에서 명령어 인가에 대한 오프라인 사전 공격과 대응책

  • Oh, Doo-Hwan (Dept. of Information Security, Hoseo University) ;
  • Choi, Doo-Sik (Dept. of Information Security, Hoseo University) ;
  • Kim, Ki-Hyun (Dept. of Computer Eng., Chungbuk National University) ;
  • Ha, Jae-Cheol (Dept. of Information Security, Hoseo University)
  • 오두환 (호서대학교 정보보호학과) ;
  • 최두식 (호서대학교 정보보호학과) ;
  • 김기현 (충북대학교 컴퓨터공학과) ;
  • 하재철 (호서대학교 정보보호학과)
  • Received : 2010.12.30
  • Accepted : 2011.04.07
  • Published : 2011.04.30

Abstract

The TPM is a hardware chip for making a trusted environment on computing system. We previously need a command authorization process to use principal TPM commands. The command authorization is used to verify an user who knows a usage secret to TPM chip. Since the user uses a simple password to compute usage secret, an attacker can retrieve the password by evasdropping messages between user and TPM chip and applying off-line dictionary attack. In this paper, we simulate the off-line dictionary attack in real PC environment adopted a TPM chip and propose a novel countermeasure to defeat this attack. Our proposed method is very efficient due to its simplicity and adaptability without any modification of TPM command structures.

Keywords

References

  1. 김영수, 박영수, 박지만, 김무섭, 김영세, 주홍일, 김명은, 김학두, 최수길, 정성익, "신뢰 컴퓨팅과 TCG동향", 전자통신동향분석, 제22권, 제1호, pp. 83-96, 2007.
  2. 강동호, 한진희, 이윤경, 조영섭, 한승완, 김정녀, 조현숙, "스마트폰 보안 위협 및 대응 기술", 전자통신동향분석, 제 25권 3호, 2010.
  3. Trusted Computing Group, "About TCG", Available at http://www.trustedcomputinggroup.org
  4. ISO/IEC 11889-1 : Information technology - Security techniques - Trusted Platform Module - Part 1: Overview, 2009.
  5. ISO/IEC 11889-2 : Information technology - Security techniques - Trusted Platform Module - Part 2: Design principles, 2009.
  6. ISO/IEC 11889-3 : Information technology - Security techniques - Trusted Platform Module - Part 3: Structures, 2009.
  7. ISO/IEC 11889-4 : Information technology - Security techniques - Trusted Platform Module - Part 4: Command, 2009.
  8. FIPS PUB 180-1, Secure Hash Standard (SHA-1), National Institute of Standards and Technology(NIST), 1995.
  9. FIPS PUB 180-1, The Keyed-Hash Message Authentication Code(HMAC), National Institute of Standards and Technology(NIST), 2002.
  10. L. Chen and M. D. Ryan, "Offline dictionary attack on TCG TPM weak authorization data, and solution", Future of Trust in Computing, Vieweg & Teubner, 2008.
  11. D. Jablon, "Strong password-only authenticated key exchange", Computer Communication Review, 26(5):5-26, ACM SIGCOMM, Oct. 1996. https://doi.org/10.1145/242896.242897
  12. D. Jablon, "Extended password key exchange protocols immune to dictionary attack", In Proceedings of WET-ICE'97, pp. 248-255, 1997.
  13. Trusted Computing Group, "TCG Software Stack(TSS) Specification Version 1.2 Level 1 Errata A", 2007.
  14. Infineon, "Trusted Platform Module TPM 1.2 SLB 9635TT1.2", Available at http://www.infineon.com/tpm