Cracking the TPM chip – is it possible?
The integrity of the TPM chip is vital to the future of computer security and the value of Windows Vista's BitLocker technology. Cracking it could turn the IT industry on its ear.
The new generation of Windows client and server software boasts of strong new security tools for IT administrators, one of which is BitLocker encryption.
But when two researchers recently claimed they could crack the Trusted Platform Module (TPM) chip (the technology on which BitLocker is based), it prompted some discussion that this building block may contain a few cracks.
The TPM is based on specifications that were adopted and distributed by an industry standards group dedicated to improving information security across the board. Vipin Kumar and Nitin Kumar, brothers who are researchers at NV Labs in India, were scheduled to present a paper at a conference this month on how to crack the Trusted Computing Group's TPM microcontroller that securely stores passwords, encryption keys and digital certificates.
The TPM hardware has become the first industry-wide effort to enhance computer security, and many hope it will be the foundation for a lot more security improvements.
Microsoft uses the TPM in the BitLocker encryption feature of Windows Vista, its newest desktop operating system, and the Kumar brothers, who have cracked Vista in the past, have said that BitLocker could be cracked as well. Microsoft said last week it has no knowledge of a TPM/BitLocker break that's been published, documented and proven.
When the Kumar brothers voluntarily withdrew their presentation from the upcoming Black Hat USA 2007 conference in Las Vegas, without much comment, it caused a buzz in the information security community. There were questions about their work, and it also led people to consider the consequences to future information security improvements should the TPM be compromised.
After all, the Trusted Computing Group, an industry standards group with representatives from companies like Juniper Networks Inc., Intel Corp., Advanced Micro Devices Inc., Microsoft and a host of other equally well known industry players, worked on existing standards for hardware security in 2003, then adopted and released the standards the next year.
Hardware as the foundation for security efforts
The group focused on hardware, making it the building block of any increased security efforts because it is difficult -- if not impossible -- to trick. Software, by its nature, always seems to have a vulnerability that can be penetrated or manipulated.
By 2005, large chip manufacturers were making the TPM chip available for computer manufacturers, with the group and others in the industry hoping that this effort would serve as the foundation for increased security across all levels of computing. Trusted Computing Group has continued to build on its TPM standards, releasing similar standards for servers and is now working on similar standards for storage.
Consequently, if its basic technology could be cracked, then its future as a building block of improved security across all types of computing could be in doubt.
"If the TPM itself was compromised using an attack that could be 'commercialized' for broad use and could not be fixed, or it required a recall or complex maintenance actions, this would dim the future of information security somewhat," said Dan Blum, a senior analyst at the Burton Group, a research company based in Midvale, Utah. "Many in the industry are hoping that TPM will become a new pillar of host security, and such a compromise would set TPM back severely."
Blum also pointed out that some in the industry are skeptical that TPM can be properly protected. Still others hate it because they believe it will be used to employ digital rights management (DRM) across the board. Digital rights management uses different technologies to prevent people from copying digital editions of films, games and other electronic media.
One crack in the TPM wall could cause secondary cave ins
"Personally, I would like to see TPM increase computer assurance and hope that market forces will be allowed to govern how much we use DRM," Blum said.
Natalie Lambert, an analyst with Forrester Research Inc., a company based in Cambridge, Mass., said that if the TPM chip is cracked, there will be a domino effect of sorts. "Then there will be a whole slew of secondary technologies affected," she said, with the Trusted Computing Group working on industry security standards for other computing levels.
If the Trusted Platform Module remains secure, but Vista BitLocker is compromised, Blum said he sees that as a lesser problem that Microsoft can address with a fix to prevent further hacks. There could still be issues with unpatched systems, he said.
Russ Humphries, Microsoft's Windows Vista BitLocker senior product manager, said BitLocker's drive encryption has numerous multi-factor authentication options for customers who want to protect their data in different ways other than reliance on one method, such as the TPM chip.
One example Humphries gave was to follow the standard security best practice of "something you have and something you know" being required for access. A company might enable BitLocker to use a pre-boot PIN as well as the TPM, so an attacker would need to know the PIN as well as a way to circumvent the TPM, he said.
In any case, the Kumar brothers who brought the speculation to the surface continue to say little about their work and why they pulled it. "Security is always relative," said Nitin Kumar. "It depends upon your standards. There can be bugs in the most secure applications ever written," he said.