RT Journal Article
A1 Jianxiong Shao
A1 Yu Qin
A1 Dengguo Feng

PB iet
T1 Formal analysis of HMAC authorisation in the TPM2.0 specification
JN IET Information Security
VO 12
IS 2
SP 133
OP 140
AB The Trusted Platform Module (TPM) is a system component that provides a hardware-based approach to establish trust in a platform. The latest TPM2.0 specification was accepted as the ISO standard in 2015. It offers functionality for key management by storing keys into the TPM's protected storage. The access to the TPM-resident key object is protected by the session-based authorisation mechanism. This mechanism is keyed to the object's authorisation value known as authValue and the session-bound secret value known as sessionKey. The new authValue introduced into the TPM is protected by the session-based encryption mechanism, which is also keyed on the sessionKey. In the authors’ study, they conduct a formal analysis of the TPM2.0 HMAC (hash message authentication code) authorisation mechanism used in the key management. They first use the stateful applied π calculus to formalise the session-based HMAC authorisation and encryption mechanisms in a model of TPM2.0 API commands. They propose a threat model to formalise the secrecy and authentication properties. Then they discuss several attacking scenarios in practice where the sessionKey could be disclosed. They also instantiate their threat model according to specific attacking scenarios. By using the SAPIC tool and the tamarin prover, they automatically give out the analysis results of their models.
K1 TPM protected storage
K1 trusted platform module
K1 object authorisation value
K1 TPM2.0 specification
K1 HMAC authorisation
K1 ISO standard
K1 session-bound secret value
K1 hash message authentication code authorisation mechanism
K1 SAPIC tool
K1 encryption mechanisms
K1 tamarin prover
K1 TPM-resident key object
K1 formal analysis
K1 authValue
K1 sessionKey
K1 session-based authorisation mechanism
DO https://doi.org/10.1049/iet-ifs.2016.0005
UL https://digital-library.theiet.org/;jsessionid=amggrs1383m35.x-iet-live-01content/journals/10.1049/iet-ifs.2016.0005
LA English
SN 1751-8709
YR 2018
OL EN