Documenting the proposal for TPM 2.0 security in the face of bus interposer attacks

Jarkko Sakkinen jarkko.sakkinen at linux.intel.com
Tue Nov 20 12:41:16 UTC 2018


On Tue, Nov 20, 2018 at 01:10:49PM +0200, Jarkko Sakkinen wrote:
> This is basically rewrite of TPM genie paper with extras. Maybe just
> shorten it to include the proposed architecture and point to the TPM
> Genie paper (which is not in the references at all ATM).
> 
> The way I see it the data validation is way more important than
> protecting against physical interposer to be frank.
> 
> The attack scenario would require to open the damn device. For laptop
> that would leave physical marks (i.e. evil maid). In a data center with
> armed guards I would wish you good luck accomplishing it. It is not
> anything like sticking a USB stick and run.
> 
> We can take a fix into Linux with a clean implementation but it needs
> to be an opt-in feature because not all users will want to use it.

Someone (might have been either Mimi or David Howells but cannot recall)
correctly pointed out at LSS 2018 that you could just as easily spy and
corrupt RAM if you have a time window to perform this type of attack.

/Jarkko



More information about the Linux-security-module-archive mailing list