Researchers demonstrate attacking with the sleep function of the Trusted Platform Module
If there are no surprises, each motherboard manufacturer will release a new version of firmware next month, because the security-safe Trusted Platform Module (TPM ) is found to be a further weakness.
The Trusted Platform Module (TPM ), a dedicated crypto processor, is used to increase security, which is typically deployed on high-security or high-value devices.
The specific use of the TPM uses a high-intensity encryption algorithm to verify whether the hardware components change when the device starts, to ensure that the hardware components have not been tampered with, and so on.
Attacks that exploit automatic sleep:
The researchers at the Korea National Security Institute mainly used automatic sleep, and then reset the TPM module by automatic dormancy to create a false trust chain.
The use of automatic sleep power control can achieve the purpose of stealing the component hash value and can forge the same hash value to let TPM think that the component has not tampered.
Auto-sleep is a function that many hardware supports at present, mainly because the device is powered off when it is not in use so that it can reduce power consumption and save more power.
The vulnerabilities exploited by the researchers are vulnerabilities in the TPM protocol itself, so the protocol vulnerabilities can be fixed by updating the firmware.
Since the current vendors have not released new firmware, the researchers have not revealed more details, and no exploits have been discovered.
Vulnerabilities exploited by dynamic trust:
In addition to exploiting automatic hibernation, researchers can use the weakness of dynamic trust measurement to attack, but this approach has a smaller impact.
Because the vulnerability occurred on Intel’s trusted execution technology, researchers have already submitted vulnerabilities to Intel at the end of last year and have now fixed the vulnerability.
Therefore, the firmware released by the manufacturer in the next few months is mainly to repair the automatic dormancy attack. Users who use the TPM module remember to upgrade.
Via: bleepingcomputer
