• DocumentCode
    2858100
  • Title

    Replay attack in TCG specification and solution

  • Author

    Bruschi, Danilo ; Cavallaro, Lorenzo ; Lanzi, Andrea ; Monga, Mattia

  • Author_Institution
    Dipt. di Informatica e Comunicazione, Univ. degli Studi di Milano
  • fYear
    2005
  • fDate
    5-9 Dec. 2005
  • Lastpage
    137
  • Abstract
    We prove the existence of a flaw which we individuated in the design of the object-independent authorization protocol (OIAP), which represents one of the building blocks of the trusted platform module (TPM), the core of the trusted computing platforms (TPs) as devised by the trusted computing group (TCG) standards. In particular, we prove, also with the support of a model checker, that the protocol is exposed to replay attacks, which could be used for compromising the correct behavior of a TP. We also propose a countermeasure to undertake in order to avoid such an attack as well as any replay attacks to the aforementioned protocol.
  • Keywords
    authorisation; formal specification; model checker; object-independent authorization protocol; replay attack; trusted computing group solution; trusted computing group specification; trusted computing group standards; trusted computing platform module; Access protocols; Application software; Authorization; Buildings; Communications technology; Computational modeling; Computer security; Digital signatures; Embedded software; Protection;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Security Applications Conference, 21st Annual
  • Conference_Location
    Tucson, AZ
  • ISSN
    1063-9527
  • Print_ISBN
    0-7695-2461-3
  • Type

    conf

  • DOI
    10.1109/CSAC.2005.47
  • Filename
    1565241