TPMScan: A wide-scale study of security-relevant properties of TPM 2.0 chips

The Trusted Platform Module (TPM) is a widely deployed computer component that provides increased protection of key material during cryptographic operations, secure storage, and support for a secure boot with a remotely attestable state of the target machine. A systematic study of the TPM ecosystem, its cryptographic properties, and the orderliness of vulnerability mitigation is missing despite its pervasive deployment – likely due to the black-box nature of the implementations. We collected metadata, RSA and ECC cryptographic keys, and performance characteristics from 78 different TPM versions manufactured by 6 vendors, including recent Pluton-based iTPMs, to systematically analyze TPM implementations. Surprisingly, a high rate of changes with a detectable impact on generated secrets, the timing of cryptographic operations, and frequent off-chip generation of Endorsement Keys were observed. Our analysis of public artifacts for TPM-related products certified under Common Criteria (CC) and FIPS 140 showed relatively high popularity of TPMs but without explanation for these changes in cryptographic implementations. Despite TPMs being commonly certified to CC EAL4+, serious vulnerabilities like ROCA or TPM-Fail were discovered in the past. We found a range of additional unreported nonce leakages in ECDSA, ECSCHNORR, and ECDAA algorithms in dTPMs and fTPMs of three vendors. The most serious discovered leakage allows extraction of the private key of certain Intel’s fTPM versions using only nine signatures with no need for any side-channel information, making the vulnerability retrospectively exploitable despite a subsequent firmware update. Unreported timing leakages were discovered in the implementations of ECC algorithms on multiple Nuvoton TPMs, and other previously reported leakages were confirmed. The analysis also unveiled incompleteness of vulnerability reporting and subsequent mitigation with missing clear information about the affected versions and inconsistent fixes

Posouzeni koroznich skod na objektech bytovych jednotek v Kosmonosich.

Available from STL Prague, CZ / NTK - National Technical LibrarySIGLECZCzech Republi

Vyhodnoceni zkousek variantne zatizeneho proskleneho pasu povrchoveho tubusu metra.

Available from STL Prague, CZ / NTK - National Technical LibrarySIGLECZCzech Republi

Vascular Remodeling of Clinically Used Patches and Decellularized Pericardial Matrices Recellularized with Autologous or Allogeneic Cells in a Porcine Carotid Artery Model

Background: Cardiovascular surgery is confronted by a lack of suitable materials for patch repair. Acellular animal tissues serve as an abundant source of promising biomaterials. The aim of our study was to explore the bio-integration of decellularized or recellularized pericardial matrices in vivo. Methods: Porcine (allograft) and ovine (heterograft, xenograft) pericardia were decellularized using 1% sodium dodecyl sulfate ((1) Allo-decel and (2) Xeno-decel). We used two cell types for pressure-stimulated recellularization in a bioreactor: autologous adipose tissue-derived stromal cells (ASCs) isolated from subcutaneous fat of pigs ((3) Allo-ASC and (4) Xeno-ASC) and allogeneic Wharton’s jelly mesenchymal stem cells (WJCs) ((5) Allo-WJC and (6) Xeno-WJC). These six experimental patches were implanted in porcine carotid arteries for one month. For comparison, we also implanted six types of control patches, namely, arterial or venous autografts, expanded polytetrafluoroethylene (ePTFE Propaten® Gore®), polyethylene terephthalate (PET Vascutek®), chemically stabilized bovine pericardium (XenoSure®), and detoxified porcine pericardium (BioIntegral® NoReact®). The grafts were evaluated through the use of flowmetry, angiography, and histological examination. Results: All grafts were well-integrated and patent with no signs of thrombosis, stenosis, or aneurysm. A histological analysis revealed that the arterial autograft resembled a native artery. All other control and experimental patches developed neo-adventitial inflammation (NAI) and neo-intimal hyperplasia (NIH), and the endothelial lining was present. NAI and NIH were most prominent on XenoSure® and Xeno-decel and least prominent on NoReact®. In xenografts, the degree of NIH developed in the following order: Xeno-decel > Xeno-ASC > Xeno-WJC. NAI and patch resorption increased in Allo-ASC and Xeno-ASC and decreased in Allo-WJC and Xeno-WJC. Conclusions: In our setting, pre-implant seeding with ASC or WJC had a modest impact on vascular patch remodeling. However, ASC increased the neo-adventitial inflammatory reaction and patch resorption, suggesting accelerated remodeling. WJC mitigated this response, as well as neo-intimal hyperplasia on xenografts, suggesting immunomodulatory properties