Trusted Platform Module (TPM) Current Issues
- Type of paperOther
- SubjectTechnology
- Number of pages4
- Writer levelUniversity
- Format of citationAPA
- Number of cited resources5
I. Trusted Platform Module (TPM) a. TPM Current Issues Assignment Notes: A survey paper does not present your own primary research results but synthesizes existing information from many sources and produces an extensive bibliography of papers in the field. It is highly recommended that your survey include existing works published in peer-reviewed publications, such IEEE, ACM, LNCS (Lecture Notes in Computer Sciences), RFC, etc. Avoid surveying the technologies widely discussed and frequently appearing in YouTube, Wikipedia, SANS, etc. Your reference section must include a reasonable number of sources from legitimate academic conferences or journals (a minimum 5 of papers). The structure of the paper should be, as follows (please number your sections): 1. Brief intro on challenges 2. Challenges (5 examples) 3. Brief summary and conclusion 4. References (use APA format) Recommended paper length: 3-4 pages (the content is more important).
Introduction
In 2013, the information technology experienced a mega shift in its operations when the Trusted Computing Group (TCG) was established by various companies including Hewlett-Packard Co., Intel Corp. Advanced Micro Devices Inc., IBM, and Microsoft. The group had a major goal of coming up with a Trusted Platform Module(TPM). As Camenisch, (2014) defines it, TPM is an integrated circuit that has over the years been made to conform with the trusted module that was defined by the group. The chip has over the years found its way to different applications that include servers, desktop computers and laptops just to name but a few. The idea behind the formulation of TPM was a means of ensuring safe computing and protecting the privacy of the users. This has been achieved by application of unique hard coded keys that perform different functions to ensure that authentication, encryption as well as decryption of the user’s information is protected. Although TPM is advantageous in its way, it has got several loopholes that leave its users frustrated and unsure of it. This paper focuses on discussing the challenges of the chip concerning the current issues in the market. The article is intended to anyone who is technically savvy with sufficient knowledge in technology and security concepts.
Challenges Facing Trusted Platform Module
The TPM has been known to exhibit different challenges that range from cold boot attack, vulnerability and privacy concerns, authentication that ties the user to using a single computer, its design, the possibility of the user being locked out of his/her own computer and the issue of remote validation of different software.
Cold boot attack is known to overcome the encryption on the disk that is thought to be the guard to the user information. It fails to provide the security requited to disinformation in the hard disk proving to be vulnerable to physical access. Several studies have been carried out concerning this, and the results found to be positive. Kauer, (2007) in his research claims that he was able to bypass the security encryptions of FileVault, TrueCrypt, and BitLocker by application of cold boot attacks. The primary intention of encrypting the hard disk is that if the computer gets stolen in a locked state and the bugler locks the machine, then the data in there will be erased and the encryption keys get lost. However, has not turned out as intended since the cold boot could be used to get information from the hard disk even when the computer is in that state. The Bitlocker, which is manufactured by Microsoft for application on TPM encrypts essential parts of the drive that need high security. Unfortunately, there has been the introduction of the BitUnlocker in the market that utilizes an external hard disk remounting the volumes of the Bitlocker to be mounted on Linux OS. The tool runs checks in an attempt to get the right key to access the encrypted information until it succeeds. All this is done during the cold booting. Then, when rebooting the computer, the tool successfully allows hackers to decrypt the encrypted disk within a few minutes if not seconds (Hutter, & Toegl, 2010)
The second challenge of the TPM is the issue of its numerous vulnerabilities that makes it void and unreliable. Its vulnerability makes it lack credibility and happens through the applications of a variety of hardware related modifications. Although some measures have been applied in an attempt to solve vulnerability, the issue tends to create unforeseen consequences day by day thus making it hard to deal with them completely. Most versions of TPM that exist;1.1 and 1.2 tend to have different vulnerability issues. The latter address the issues found in the first one but possesses its own. In the former, it is possible to hack using a small tool like a 3-inch wire that reaches the TPM bus and resets it. This bypasses the protective measures of the auditing mechanism of TPM (Gaber et al., 2011). This issue is addressed in version 1.2 although other issues crop up.
TPM is as well shows vulnerability to replay attacks. These can be caused by redundant processes that might as well occur unnecessarily. To be specific, the Object-Specific Authorization Protocol (OSAP) and Object-Independent Authorization Protocol (OIAP) which acts as the trust computing protocols become subjects to uncountable probes that include the replay named earlier attacks (Schell et al., 2008). The attacks are driven by application of twofold rolling nonce protocol that is as well-known as the hash key messages. The solution to this includes having a guarantee of the legitimacy of the endorsement key found on the Trusted Platform Module. (Gaber et al., 2011)
The third challenge that mainly encompasses TPM is the issue of privacy. Privacy concerns have been adamant in the recent past. For instance, although the digital rights management has not been selected as one of the intended users of the Trusted Platform Module, they are able to access the user’s information and can provide powerful software license enforcement that lock the content intended by the user to a particular machine and be used to track the activities carried out in that machine (Schell et al., 2008).
That said, the fourth challenge that TPM tends to exhibit is its tendency to tie a user to a single computer through storage of keys in TPM chip on one endpoint through the use of TPM-based authentication in enterprises. This is a major drawback and a challenge for those who want to apply multiple device uses such as hot-desking. In an attempt to get a solution to this, the users are therefore forced to apply third party software for disk encryption in cases where the extra security provided by TPM is not necessary.
Despite the various principles that revolve around TPM, the design has raised numerous issues due to the privacy and functionality of the model. In practice, it is well understood that trusted computing utilizes cryptography to enforce the desired behavior. The primary functionality of the system is to ensure that only the verified programs run on the computer. It is substantial to note that when TPM has applied alone, it does not protect the user from attacks that might breach the security of the user by the introduction of programming bugs.
Lastly, the core function of the chip tends to raise additional problems. TBM makes it possible to technically secure the hardware for the user and against the user as well. This has been a major challenge that has added up to the problem on remote validation software. This is a scenario that makes the manufacturer and not the owner of the computer the central controller who decides on what software to run on the computer (Schell et al., 2008). The manufacturer utilizes the propriety database to record the user’s activities even without the user’s knowledge. This creates a challenge that would be well regarded to as a security compliance conflict.
Conclusion
The issue of TPM and trusted computing tends to continue drawing criticism as well as support a different level. In instances that the chip is used as designed, then it provides high levels of machine security. However, attacks and other functionality questions are numerous and therefore tends to overshadow the benefits at different contexts. The intensity of cyber crimes becomes a testament to the multiple ways organizations might suffer in the hands of criminals. This could be done through malware, vulnerable and misconfigured programs as well as physical theft and electronic eavesdropping. (Schell et al., 2008). TPM is aimed at preventing the possibilities of this though it does not necessarily deliver. It is, therefore, recommendable that new solutions be put forward to curb the challenges that arise for TPM to be regarded as being safe.
References
Schell, D., Wyseur, B., & Preneel, B. (2008). Remote attestation on legacy operating systems with trusted platform modules. Science of Computer Programming, 74(1), 13-22.
Kauer, B. (2007, August). OSLO: Improving the Security of Trusted Computing. In USENIX Security (Vol. 7).
Gaber, C. Gharout, S., & Achemlal, M., (2011, May). Trusted platform module as an enabler for security in cloud computing. In Network and Information Systems Security (SAR-SSI), 2011 Conference on (pp. 1-6). IEEE.
Hutter, M., & Toegl, R. (2010, August). A trusted platform module for near field communication. In 2010 Fifth International Conference on Systems and Networks Communications (pp. 136-141). IEEE.
Camenisch, J. (2014, September). Better privacy for trusted computing platforms. In European Symposium on Research in Computer Security (pp. 73-88). Springer Berlin Heidelberg.