TOCTOU, Traps, and Trusted Computing

Free registration required

Executive Summary

The security of the standard TCG architecture depends on whether the values in the PCRs match the actual platform configuration. However, this design admits potential for time-of-check time-of-use vulnerabilities: A PCR reflects the state of code and data when it was measured, not when the TPM uses a credential or signs an attestation based on that measurement. The authors demonstrate how an attacker with sufficient privileges can compromise the integrity of a TPM-protected system by modifying critical loaded code and static data after measurement has taken place.

  • Format: PDF
  • Size: 251.55 KB