Security Analysis and Research on TPM Migratable Key
The TPM key migration mechanism divides keys into two categories according to their migration characteristics. This paper gives a deep security analysis of TPM migratable keys and points out several security flaws in TPM key migration. First, using the key migration mechanism, the TPM owner can export a migratable key in the form of a migration blob, decrypt the blob, and obtain the plaintext of the TPM private key. Second, a TPM user can use the key migration mechanism to import a key blob that was not generated by a TPM into the TPM. Third, a TPM user can construct a loadable blob for a key that was not generated by a TPM and then load it into the TPM with the TPM key loading command. On the basis of a theoretical analysis of the TPM specification, we present an attack from a technical standpoint and propose a solution to one of the security problems. The analysis indicates that the TPM key migration mechanism, although it improves key interoperability between TPMs, reduces the security strength of migratable keys. Therefore, TPM users must weigh these security weaknesses when using migratable keys and, as far as possible, should not use migratable keys in security-critical operations.
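A policy gate for the closing recommendation, as an added example that is not from the paper: it reads the key-flags header of a key blob and rejects keys marked migratable. The abstract names no TPM version; the header layout and flag values are assumed to be the TPM 1.2 `TPM_KEY`/`TPM_KEY12` structures, and the function names and sample blobs are constructed for illustration.

```python
import struct

# Assumption: TPM 1.2 key structures (TPM_KEY / TPM_KEY12), values as defined in
# the TCG TPM Main Specification, Part 2. The abstract itself names no version.
TPM_TAG_KEY12 = 0x0028
FLAG_MIGRATABLE = 0x00000002         # TPM_KEY_FLAGS.migratable
FLAG_MIGRATE_AUTHORITY = 0x00000010  # TPM_KEY_FLAGS.migrateAuthority
DEFINED_FLAGS = 0x0000001F           # all flag bits defined for TPM 1.2
KEY_USAGE = {0x0010: "SIGNING", 0x0011: "STORAGE", 0x0012: "IDENTITY",
             0x0013: "AUTHCHANGE", 0x0014: "BIND", 0x0015: "LEGACY",
             0x0016: "MIGRATE"}


def parse_key_header(blob):
    """Return (layout, usage name, keyFlags) from the first 11 bytes of a key blob."""
    if len(blob) < 11:
        raise ValueError("blob too short for a TPM key header")
    if blob[:4] == b"\x01\x01\x00\x00":                        # TPM_STRUCT_VER 1.1.0.0
        layout = "TPM_KEY"
    elif struct.unpack(">HH", blob[:4]) == (TPM_TAG_KEY12, 0):  # tag + fill
        layout = "TPM_KEY12"
    else:
        raise ValueError("unrecognised key structure header")
    # keyUsage (UINT16), keyFlags (UINT32), authDataUsage (BYTE), big-endian.
    usage, flags, _auth_usage = struct.unpack(">HIB", blob[4:11])
    if usage not in KEY_USAGE or flags & ~DEFINED_FLAGS:
        raise ValueError("undefined keyUsage or keyFlags value")
    return layout, KEY_USAGE[usage], flags


def allowed_for_critical_use(blob):
    """Fail closed: only a well-formed key that declares itself non-migratable passes."""
    try:
        layout, usage, flags = parse_key_header(blob)
    except ValueError as exc:
        return False, f"rejected: {exc}"
    if flags & (FLAG_MIGRATABLE | FLAG_MIGRATE_AUTHORITY):
        return False, f"rejected: {layout} {usage} key is migratable"
    return True, f"accepted: {layout} {usage} key is non-migratable"


# Constructed sample headers (11 header bytes plus zero padding), not real key blobs.
SAMPLE_NON_MIGRATABLE = struct.pack(">HHHIB", TPM_TAG_KEY12, 0, 0x0010, 0, 1) + bytes(16)
SAMPLE_MIGRATABLE = (b"\x01\x01\x00\x00"
                     + struct.pack(">HIB", 0x0010, FLAG_MIGRATABLE, 1) + bytes(16))

if __name__ == "__main__":
    for name, blob in [("non-migratable", SAMPLE_NON_MIGRATABLE),
                       ("migratable", SAMPLE_MIGRATABLE), ("truncated", b"\x00" * 5)]:
        print(name, "->", allowed_for_critical_use(blob)[1])
```

The check trusts the flag as the blob declares it, so it is a policy gate for keys created by your own provisioning, not evidence of where a key was generated.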