Authentication of the Command TPM_CertifyKey in the Trusted Platform Module

Donglai FU, Xinguang PENG, Yuli YANG

Abstract


Trusted Platform Module (TPM) is a key component designed to enable computers achieve greater security. Several vulnerabilities discovered in the TPM highlight the necessity of formal analysis. The procedure invoking an API may be regarded as several interactive processes between the TPM and a user. As a result, the current study formalized the API specifications proposed by Trusted Computing Group (TCG) using applied pi calculus. Meanwhile, two authentication properties between them were also described in a formalized way. With the help of the tool ProVerif, the flaw of the command TPM_CertifyKey was discovered. It was also confirmed on the TPM emulator. Subsequently, the modified API was presented and its authentication properties could be satisfied after verifying again. Results show the model is valid.

 

DOI: http://dx.doi.org/10.11591/telkomnika.v11i2.2034


Full Text:

PDF

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Indonesian Journal of Electrical Engineering and Computer Science (IJEECS)
p-ISSN: 2502-4752, e-ISSN: 2502-4760
This journal is published by the Institute of Advanced Engineering and Science (IAES) in collaboration with Intelektual Pustaka Media Utama (IPMU).

shopify stats IJEECS visitor statistics