Formal Analysis of Enhanced Authorization in the TPM 2.0

Shao, Jianxiong; Qin, Yu; Feng, Dan; Wang, Weijin

doi:10.1145/2714576.2714610

Cited by 16 publications

(11 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In [19], [20], Delaune et al analyse parts of the Trusted Platform Module (TPM) [21] instruction set using ProVerif. In [22], Shao et al model the enhanced authorization mechanism introduced in the TPM 2.0 specification and analyse it using SAPIC. These approaches are however different in the sense that they model some instructions offered by the TPM, while we directly add a report mechanism to the language.…”

Section: Related Workmentioning

confidence: 99%

Symbolic Models for Isolated Execution Environments

Jacomme

Kremer

Scerri

2017

2017 IEEE European Symposium on Security and Privacy (EuroS&P)

View full text Add to dashboard Cite

Section: Related Workmentioning

confidence: 99%

Symbolic Models for Isolated Execution Environments

Jacomme

Kremer

Scerri

2017

2017 IEEE European Symposium on Security and Privacy (EuroS&P)

View full text Add to dashboard Cite

“…In our modelling of the Yubikey the server can handle several requests from different devices in parallel, which was not possible in the direct modelling in [21]. Another example is the model of the enhanced authorization mechanism introduced in the TPM 2.0 specification by Shao et al [32]. In this work, a model of the TPM that executes API commands sequentially is compared to one that executes them in parallel, finding flaws in the parallel version.…”

Section: Related Workmentioning

confidence: 99%

“…The present calculus and verification method have been used to verify a configuration of the key-management API PKCS#11 [20] and was extended with loops to allow for the analysis of the streaming protocol TESLA [25]. In [32], Shao et al used our tool to analyse the enhanced authorization mechanism introduced in the TPM 2.0 specification.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Automated Analysis of Security Protocols with Global State

Kremer

Künnemann²

2014

2014 IEEE Symposium on Security and Privacy

View full text Add to dashboard Cite

Abstract. Security APIs, key servers and protocols that need to keep the status of transactions, require to maintain a global, non-monotonic state, e.g., in the form of a database or register. However, most existing automated verification tools do not support the analysis of such stateful security protocols -sometimes because of fundamental reasons, such as the encoding of the protocol as Horn clauses, which are inherently monotonic. A notable exception is the recent tamarin prover which allows specifying protocols as multiset rewrite (msr) rules, a formalism expressive enough to encode state. As multiset rewriting is a "low-level" specification language with no direct support for concurrent message passing, encoding protocols correctly is a difficult and error-prone process.We propose a process calculus which is a variant of the applied pi calculus with constructs for manipulation of a global state by processes running in parallel. We show that this language can be translated to msr rules whilst preserving all security properties expressible in a dedicated first-order logic for security properties. The translation has been implemented in a prototype tool which uses the tamarin prover as a backend. We apply the tool to several case studies among which a simplified fragment of PKCS#11, the Yubikey security token, and an optimistic contract signing protocol.

show abstract

“…HMAC 授权会话方面, 我们在计算模型下使用安全协议验证工具 CryptoVerif 分析了 TPM 2.0 的 HMAC 授权, 证明 HMAC 授权会话满足认证性 [17] . 策略授权方面, 采用应用 Pi 演算形式化分析了 TPM 2.0 的策略授权安全机制, 通过 Tarmarin 自动化验证工具我们发现 NV 策略授权存在 TOCTOU 攻击 [18] . DAA 协议接口方面, 我们发现 TPM 2.0 规范所实现的 DAA 协议 API 存在 Static DH oracle 攻击的风险 [19] , 并且基于进程代数对 DAA 协议实现建模分析, 利用进程演算验证工具 ProVerif 自动化分析发现 DAA 协议不满足前向匿名性.…”

unclassified