Dailydave mailing list archives
TPMkit: Breaking the Legend of Trusted Computing(TC [TPM]) and Vista (BitLocker) - Nitin Kumar & Vipin Kumar
From: Vipin Kumar <listuser () nvlabs in>
Date: Fri, 11 May 2007 16:26:32 +0530
Dear all, We are working on TPMkit:Breaking the Legend of Trusted Computing(TC [TPM]).We are almost in the final stages of breaking TPM.We have success on Window's Vista Bit Locker, though the method is OS independent. we are planning for demonstrations at the Blackhat USA and HITB cons (if they accept us). Abstract and general info about presentation --------------------------------------------------------------------------- TPMkit: Breaking the Legend of Trusted Computing(TC [TPM]) and Vista (BitLocker) ********************************************************************************* "Trusted computing" means that the computer will consistently behave in specific ways, and those behaviors will be enforced by hardware and software. Trusted Computing is often seen as a possible enabler for future versions of document protection (mandatory access control) and copy protection (Digital Rights Management) - which are of value to corporate and other users in many markets and which to critics, raises concerns about undue censorship.It's also being used by software vendors. (Source http://en.wikipedia.org/wiki/Trusted_Computing) Trusted Computing includes the use of trusted Platform Module(security processor(hardware chip)) which can be used to enforce protections ( such as BitLocker in Microsoft's Windows Vista).TCG has proposed a specification for Remote Attestation that allows a host to remotely prove its hardware and software while protecting its privacy.Trusted reporting is the key component for attestation of a host’s configuration and is accomplished by exposing trusted measurements.Remote Attestation is also used to Trusted Network Connect.The TNC architecture enables network operators to enforce policies regarding endpoint integrity at or after network connection. TCPA/TPM DRM is a technical term for a Trustworthy Computing solution that limits what fair use consumers can use with the media they own.More info on http://www.chillingeffects.org/weather.cgi?WeatherID=534 Nearly 150 Million TPM devices have already been shipped and this number is increasing day-by-day. ( Source: https://www.trustedcomputinggroup.org/news/Industry_Data/Implementing_Trusted_Computing_RK.pdf) The TPM becomes the first step in the boot sequence, serving as a secure foundation for the BIOS, the boot loader, the kernel, and the rest of ,the operating system. Since the TPM performs this check every time the PC boots,it provides a regular check for rootkit infections. This means it will be easily apparent when a PC has been tampered with. (Source: https://www.trustedcomputinggroup.org/news/Industry_Data/Whitepaper_Rootkit_Strom_v3.pdf) The attack procedure (TPMkit) involves an attack on the TPM. TPMkit lets you overcome technologies such as Vista's BitLocker.TPMkit also bypasses remote attestation and thus, will allow to connect over Trusted Network Connect(TNC)(although the system might not be in Trusted state.). TPMkit bypasses the security checks mentioned (in the above paragraphs) and thus, you will never know that you are using a compromised or changed system. The demonstration will include a few live demonstrations.For example, one demonstration will show how to login and access data on a Windows Vista System( which has TPM + BitLocker enabled). --------------------------------------------------------------------------- bye, nitin , vipin _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- TPMkit: Breaking the Legend of Trusted Computing(TC [TPM]) and Vista (BitLocker) - Nitin Kumar & Vipin Kumar Vipin Kumar (May 11)