Title :
Security Analysis of OIAP Implementation Based on BAN Logic
Author :
Shiwei, Xu ; Huanguo, Zhang ; Fei, Yan ; Mingdi, Xu ; Zhide, Li
Author_Institution :
Sch. of Comput., Wuhan Univ., Wuhan, China
Abstract :
In the specification of trusted platform module (TPM), object-independent authorization protocol (OIAP) is the protocol which guarantees the security of the communication between TPM and its users. Nowadays, there are many TPM manufacturers having made their own TPM. However, some of the TPM manufacturers don´t implement the TPM completely according to the specification of TPM. In this paper, BAN logic is used to construct an ideal model of OIAP. The security of the OIAP implemented by some TPM manufacturers is analyzed with the initial hypothesis and the logic postulate. From the result of analyzing, the inappropriate implementation of OIAP by the TPM manufacturers would lead to a replay attack, and the data in the data integrity register (DIR) and non-volatile (NV) storage would be contaminated by this attack.
Keywords :
protocols; random-access storage; security of data; BAN logic; OIAP implementation; data integrity register; nonvolatile storage; object-independent authorization protocol; replay attack; security analysis; trusted platform module; Authorization; Body sensor networks; Computer networks; Computer security; Data security; Information security; Logic; Manufacturing; Protection; Protocols; Authentication Protocol; BAN Logic; Formalized analysis; OIAP;
Conference_Titel :
Multimedia Information Networking and Security, 2009. MINES '09. International Conference on
Conference_Location :
Hubei
Print_ISBN :
978-0-7695-3843-3
Electronic_ISBN :
978-1-4244-5068-8
DOI :
10.1109/MINES.2009.106
