faulTPM: Exposing AMD fTPMs' Deepest Secrets

Trusted Platform Modules constitute an integral building block of modern security features. Moreover, as Windows 11 made a TPM 2.0 mandatory, they are subject to an ever-increasing academic challenge. While discrete TPMs - as found in higher-end systems - have been susceptible to attacks on their exposed communication interface, more common firmware TPMs (fTPMs) are immune to this attack vector as they do not communicate with the CPU via an exposed bus. In this paper, we analyze a new class of attacks against fTPMs: Attacking their Trusted Execution Environment can lead to a full TPM state compromise. We experimentally verify this attack by compromising the AMD Secure Processor, which constitutes the TEE for AMD's fTPMs. In contrast to previous dTPM sniffing attacks, this vulnerability exposes the complete internal TPM state of the fTPM. It allows us to extract any cryptographic material stored or sealed by the fTPM regardless of authentication mechanisms such as Platform Configuration Register validation or passphrases with anti-hammering protection. First, we demonstrate the impact of our findings by - to the best of our knowledge - enabling the first attack against Full Disk Encryption solutions backed by an fTPM. Furthermore, we lay out how any application relying solely on the security properties of the TPM - like Bitlocker's TPM- only protector - can be defeated by an attacker with 2-3 hours of physical access to the target device. Lastly, we analyze the impact of our attack on FDE solutions protected by a TPM and PIN strategy. While a naive implementation also leaves the disk completely unprotected, we find that BitLocker's FDE implementation withholds some protection depending on the complexity of the used PIN. Our results show that when an fTPM's internal state is compromised, a TPM and PIN strategy for FDE is less secure than TPM-less protection with a reasonable passphrase.Comment: *Both authors contributed equally. We publish all code necessary to mount the attack under https://github.com/PSPReverse/ftpm_attack. The repository further includes several intermediate results, e.g., flash memory dumps, to retrace the attack process without possessing the target boards and required hardware tool

HiGate (High Grade Anti‐Tamper Equipment) Prototype and Application to e‐Discovery

These days, most data is digitized and processed in various ways by computers. In the past, computer owners were free to process data as desired and to observe the inputted data as well as the interim results. However, the unrestricted processing of data and accessing of interim results even by computer users is associated with an increasing number of adverse events. These adverse events often occur when sensitive data such as personal or confidential business information must be handled by two or more parties, such as in the case of e-Discovery, used in legal proceedings, or epidemiologic studies. To solve this problem, providers encrypt data, and the owner of the computer performs decoding in the memory for encrypted data. The computer owner can be limited to performing only certain processing of data and to observing only the final results. As an implementation that uses existing technology to realize this solution, the processing of data contained in a smart card was considered, but such an implementation would not be practical due to issues related to computer capacity and processing speed. Accordingly, the authors present the concept of PC-based High Grade Anti-Tamper Equipment (HiGATE), which allows data to be handled without revealing the data content to administrators or users. To verify this concept, an e-Discovery application on a prototype was executed and the results are reported here. Keyword: Anti-Tamper, e-Discovery, Bitlocker, APIHoo

HiGate (High Grade Anti-Tamper Equipment) Prototype and Application to e-Discovery

These days, most data is digitized and processed in various ways by computers. In the past, computer owners were free to process data as desired and to observe the inputted data as well as the interim results. However, the unrestricted processing of data and accessing of interim results even by computer users is associated with an increasing number of adverse events. These adverse events often occur when sensitive data such as personal or confidential business information must be handled by two or more parties, such as in the case of e-Discovery, used in legal proceedings, or epidemiologic studies. To solve this problem, providers encrypt data, and the owner of the computer performs decoding in the memory for encrypted data. The computer owner can be limited to performing only certain processing of data and to observing only the final results. As an implementation that uses existing technology to realize this solution, the processing of data contained in a smart card was considered, but such an implementation would not be practical due to issues related to computer capacity and processing speed. Accordingly, the authors present the concept of PC-based High Grade AntiTamper Equipment (HiGATE), which allows data to be handled without revealing the data content to administrators or users. To verify this concept, an eDiscovery application on a prototype was executed and the results are reported here

Evaluating Windows Vista user account security

In the current Windows version (Vista), as in all previous versions, creating a user account without setting a password is possible. For a personal PC this might be without too much risk, although it is not recommended, even by Microsoft itself. However, for business computers it is necessary to restrict access to the computers, starting with defining a different password for every user account. For the earlier versions of Windows, a lot of resources can be found giving advice how to construct passwords of user accounts. In some extent they contain remarks concerning the suitability of their solution for Windows Vista. But all these resources are not very precise about what kind of passwords the user must use. To assess the protection of passwords, it is very useful to know how effective the widely available applications for cracking passwords. This research analyzes, in which way an attacker is able to obtain the password of a Windows Vista PC. During this research the physical access to the PC is needed. This research shows that password consists of 8 characters with small letter characters and numbers can easily be cracked if it has know usual combinations. Whereas a Dictionary Attack will probably not find unusual combinations. Adding captel letter characters will make the process harder as there are several more combinations, so it will take longer time but is still feasible. Taking into account special characters it will probably take too long time and even most Dictionary Attacks will fail. For rainbow tables the size of the table has to be considered. If it is not too big, even these small passwords cannot be cracked. For longer passwords probably the simplest ones, small letter characters and numbers, can be cracked only. In this case brute force takes too long time in most cases and a dictionary will contain only a few words this long and even the rainbow tables become too large for normal use. They can only be successful if enough limitations are known and the overall size of the table can be limited

Laptop theft: a case study on effectiveness of security mechanisms in open organizations

Organizations rely on physical, technical and procedural mechanisms to protect their physical assets. Of all physical assets, laptops are the probably the most troublesome to protect, since laptops are easy to remove and conceal. Organizations open to the public, such as hospitals and universities, are easy targets for laptop thieves, since every day hundreds of people not employed by the organization wander in the premises. The problem security professionals face is how to protect the laptops in such open organizations. \ud \ud In this study, we look at the eectiveness of the security mechanisms against laptop theft in two universities. We analyze the logs from laptop thefts in both universities and complement the results with penetration tests. The results from the study show that surveillance cameras and access control have a limited role in the security of the organization and that the level of security awareness of the employees plays the biggest role in stopping theft. The results of this study are intended to aid security professionals in the prioritization of security mechanisms

The Skeleton in the Hard Drive: Encryption and the Fifth Amendment

In Teva Pharmaceuticals USA, Inc. v. Sandoz, Inc., the Supreme Court addressed an oft-discussed jurisprudential disconnect between itself and the U.S. Court of Appeals for the Federal Circuit: whether patent claim construction was “legal” or “factual” in nature, and how much deference is due to district court decision-making in this area. This Article closely examines the Teva opinion and situates it within modern claim construction jurisprudence. The thesis is that the Teva holding is likely to have only very modest effects on the incidence of deference to district court claim construction, but that for unexpected reasons the case is far more important—and potentially beneficial—than it appears. This Article argues that Teva is likely to have a substantial impact on the methodology of patent claim construction. There are at least two reasons for this. First, the players involved in district court patent litigation now have an increased incentive to introduce extrinsic evidence concerning claim meaning and to argue that such evidence is critical to the outcome of claim construction. Second, the Teva opinion itself contemplates a two-step process of evidentiary analysis in claim construction: first an analysis of extrinsic evidence (fact), then an analysis of the weight and direction of such evidence in the patent (law). The post-Teva mode of claim construction in district courts is therefore likely to be far more focused on objective, factual information concerning the ordinary meaning of claim terms, or the ways that skilled artisans would understand claim terms generally. This Article further argues that these changes to the methodology of patent claim construction are generally positive. By anchoring claim meaning in objective evidence and following an established process for evaluating claim terms, this methodology should result in more predictability in litigation-driven claim construction, better drafted patent claims in the longer term, and ultimately, a patent law that more finely tunes the system of incentives it is supposed to regulate—all changes that, if realized, should be welcomed by the patent system, most of its participants, and the public