Replay Attack in TCG Specification and Solution

Tucson, Arizona December 05-December 09

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/CSAC.2005.47

21st Annual Computer Security Applica ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Danilo Bruschi Articles by Lorenzo Cavallaro Articles by Andrea Lanzi Articles by Mattia Monga

	ASCII Text	x
	Danilo Bruschi, Lorenzo Cavallaro, Andrea Lanzi, Mattia Monga, "Replay Attack in TCG Specification and Solution," Computer Security Applications Conference, Annual, pp. 127-137, 21st Annual Computer Security Applications Conference (ACSAC'05), 2005.

	BibTex	x
	@article{ 10.1109/CSAC.2005.47, author = {Danilo Bruschi and Lorenzo Cavallaro and Andrea Lanzi and Mattia Monga}, title = {Replay Attack in TCG Specification and Solution}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {2005}, issn = {1063-9527}, pages = {127-137}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSAC.2005.47}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - Replay Attack in TCG Specification and Solution SN - 1063-9527 SP127 EP137 A1 - Danilo Bruschi, A1 - Lorenzo Cavallaro, A1 - Andrea Lanzi, A1 - Mattia Monga, PY - 2005 KW - null VL - 0 JA - Computer Security Applications Conference, Annual ER -

Danilo Bruschi, Universita degli Studi di Milano

Lorenzo Cavallaro, Universita degli Studi di Milano

Andrea Lanzi, Universita degli Studi di Milano

Mattia Monga, Universita degli Studi di Milano

We prove the existence of a flaw which we individuated in the design of the Object-Independent Authorization Protocol (OIAP), which represents one of the building blocks of the Trusted Platform Module (TPM), the core of the Trusted Computing Platforms (TPs) as devised by the Trusted Computing Group (TCG) standards. In particular, we prove, also with the support of a model checker, that the protocol is exposed to replay attacks, which could be used for compromising the correct behavior of a TP. We also propose a countermeasure to undertake in order to avoid such an attack as well as any replay attacks to the aforementioned protocol.

Citation:

Danilo Bruschi, Lorenzo Cavallaro, Andrea Lanzi, Mattia Monga, "Replay Attack in TCG Specification and Solution," acsac, pp.127-137, 21st Annual Computer Security Applications Conference (ACSAC'05), 2005

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.