The Trusted Platform Module (TPM) is a system component that provides a hardware-based approach to establish trust in a platform by providing protected storage, robust platform integrity measurement, secure platform attestation and other secure functionalities. The access to TPM commands and TPM-resident key objects are protected via an authorization mechanism. Enhanced Authorization (EA) is a new mechanism introduced by the TPM 2.0 to provide a rich authorization model for specifying flexible access control policies for TPM-resident objects.In our paper, we conduct a formal verification of the EA mechanism. Firstly, we propose a model of the TPM 2.0 EA mechanism in a variant of the applied pi calculus. Secondly, we identify and formalize the security properties of the EA mechanism (Prop.1 and 2) in its design. We also give out a misuse problem that is easily to be neglected (Lemma 7). Thirdly, using the SAPIC tool and the tamarin prover, we have verified both the two security properties. Meanwhile, we have found 3 misuse cases and one of them leads to an attack on the application in [12].
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.