Explore a comprehensive analysis of Trusted Platform Module (TPM) vulnerabilities in this WAC 2020 presentation by Daniel Moghimi. Delve into cryptanalysis techniques, focusing on ECDSA nonce side-channel attacks and their implications for TPM security. Examine high-resolution timing tests on Intel PTT (FTPM) and understand the application of lattice-based cryptanalysis to the hidden number problem. Investigate the TPM-Fail key recovery results and their real-world impact through a case study on StrongSwan VPN. Learn about the challenges of secure cryptographic implementation, particularly for ECDSA, and discover the MicroWalk approach for identifying potential vulnerabilities. Gain valuable insights into the complexities of trusted computing and the importance of robust cryptographic implementations in modern security systems.
Overview
Syllabus
Intro
Cryptanalysis - ECDSA Nonce
Side-Channel Cryptanalysis
Side-Channel Attacks
Trusted Platform Module (TPM)
TPM - Digital Signatures
Trusted Computing Group
High-resolution Timing Test - Intel PTT (FTPM)
Lattice and Hidden Number Problem
TPM-Fail - Key Recovery Results
TPM-Fail Case Study: StrongSwan VPN
Remote StrongSwan VPN
CacheQuote (2)
Cryptographic Implementation is Hard - ECDSA
MicroWalk Approach
MicroWalk Implementation
Questions?!
Taught by
TheIACR
