Resistance against side channels is crucial for cryptographic schemes, especially in the context of trusted computing platforms such as Trusted Platform Modules (TPMs) and Trusted Execution Environments (TEEs). In this talk, we discuss our work on black-box timing analysis of TPM 2.0 devices deployed on commodity computers (https://tpm.fail). Our analysis reveals that some of these devices have secret-dependent execution times. We show how this timing information allows an attacker to apply lattice-based techniques to recover the 256-bit private keys used for elliptic-curve signatures. As a result, we can extract private keys from widely used TPM devices, and we report two critical vulnerabilities: CVE-2019-11090 in Intel's firmware-based TPM, and CVE-2019-16863 in a hardware TPM manufactured by STMicroelectronics that is certified at Common Criteria (CC) EAL 4+.
We further highlight the impact of these vulnerabilities by exploiting one of them in a remote attack against a StrongSwan IPsec VPN that uses a TPM to generate the digital signatures for authentication. In this attack, the remote client recovers the server's private authentication key by only timing authentication handshakes. The vulnerabilities we have uncovered emphasize the difficulty of correctly implementing known constant-time techniques. Even certified devices that claim resistance against such attacks require additional scrutiny by the community and industry as we learn more about these attacks.
Finally, we discuss a practical tool, named MicroWalk, that automatically tests cryptographic implementations and finds such vulnerabilities. We show that automatic testing with our tool would have discovered these issues during development. In summary, our talk underlines the importance of stricter verification of cryptographic implementations, especially in the context of trusted computing platforms.
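As an added illustration of the kind of development-time check the abstract refers to (constructed example code, not the tpm.fail or MicroWalk tooling): a toy curve with a scalar multiplication whose work depends on the scalar's bit length, a fixed-schedule variant, and a black-box leakage test that compares the cost distributions of two classes of secret scalars with Welch's t-test. The toy curve, the 32-bit scalar width and counting group operations instead of wall-clock time are assumptions made so the check runs deterministically.

```python
import math, random, statistics

P, A, B = 10007, 0, 7  # constructed toy curve y^2 = x^3 + 7 mod P (P % 4 == 3)
WIDTH = 32             # assumed scalar width of the toy scheme

def ec_add(p1, p2):
    """Affine addition/doubling; None is the point at infinity."""
    if p1 is None: return p2
    if p2 is None: return p1
    x1, y1 = p1; x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0: return None   # p1 == -p2
    if p1 == p2: lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def _find_point():                        # first affine point with y != 0
    for x in range(1, P):
        rhs = (x ** 3 + A * x + B) % P
        y = pow(rhs, (P + 1) // 4, P)     # square root, valid since P % 4 == 3
        if y and y * y % P == rhs:
            return (x, y)
G = _find_point()

def scalar_mult_leaky(k, pt):
    """Double-and-add over only k's significant bits: the number of
    doublings, hence the running time, reveals k's bit length."""
    r, ops = None, 0
    for i in range(k.bit_length() - 1, -1, -1):
        r = ec_add(r, r); ops += 1
        if (k >> i) & 1:
            r = ec_add(r, pt); ops += 1
    return r, ops

def scalar_mult_fixed(k, pt, width=WIDTH):
    """Always `width` iterations, always one addition: the operation count
    is independent of k (only the count is modelled, not the selection)."""
    r, ops = None, 0
    for i in range(width - 1, -1, -1):
        r = ec_add(r, r); ops += 1
        t = ec_add(r, pt); ops += 1
        r = t if (k >> i) & 1 else r
    return r, ops

def welch_t(xs, ys):
    mx, my = statistics.mean(xs), statistics.mean(ys)
    vx, vy = statistics.variance(xs), statistics.variance(ys)
    if vx == 0 and vy == 0:
        return 0.0 if mx == my else math.inf
    return (mx - my) / math.sqrt(vx / len(xs) + vy / len(ys))

def leakage_t(mult, n=200, seed=1):
    """Black-box test: full-width scalars vs scalars with the top 8 bits
    clear; |t| > 4.5 is the usual threshold for a detected leak."""
    rng = random.Random(seed)
    full = [mult(rng.getrandbits(WIDTH) | 1 << (WIDTH - 1), G)[1] for _ in range(n)]
    short = [mult(rng.getrandbits(WIDTH - 8) | 1 << (WIDTH - 9), G)[1] for _ in range(n)]
    return welch_t(full, short)
```

Running `leakage_t` on the leaky variant gives a t-statistic far above the threshold, while the fixed-schedule variant gives 0, which is what an automated test would flag before the implementation shipped.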
Daniel Moghimi is a PhD candidate in the Department of Electrical and Computer Engineering at Worcester Polytechnic Institute (WPI). He received his Master of Science degree from the Department of Computer Science at WPI in 2017. His research interests are in the area of computer security, with a special focus on side channels and microarchitectural attacks. He has published in top-tier academic conferences, including papers at USENIX Security, ACM CCS and IEEE S&P. Some of his notable publications, including Spoiler, ZombieLoad and TPMFail, have been featured in news articles by Forbes, Wired and The Register. In his free time, he enjoys reverse engineering, finding vulnerabilities and being involved in various sports and outdoor activities.