Formal analysis of HMAC authorisation in the TPM2.0 specification

The Trusted Platform Module (TPM) is a system component that provides a hardware-based approach to establishing trust in a platform. The latest TPM2.0 specification was accepted as an ISO standard in 2015. It offers functionality for key management by storing keys in the TPM's protected storage. Access to a TPM-resident key object is protected by the session-based authorisation mechanism. This mechanism is keyed to the object's authorisation value, known as authValue, and the session-bound secret value, known as sessionKey. A new authValue introduced into the TPM is protected by the session-based encryption mechanism, which is also keyed on the sessionKey. In the authors' study, they conduct a formal analysis of the TPM2.0 HMAC (hash message authentication code) authorisation mechanism used in key management. They first use the stateful applied π calculus to formalise the session-based HMAC authorisation and encryption mechanisms in a model of TPM2.0 API commands. They propose a threat model to formalise the secrecy and authentication properties. Then they discuss several practical attack scenarios in which the sessionKey could be disclosed. They also instantiate their threat model according to specific attack scenarios. Using the SAPIC tool and the Tamarin prover, they automatically obtain the analysis results for their models.
