Cybersecurity Mythbusters: TPMs Can't Be Hacked
Transcription
Patrick
Hello and welcome to Cybersecurity Mythbusters. I'm Patrick McBride, the Chief Marketing Officer of Beyond Identity, and I'm joined today by our resident cybersecurity expert and our Chief Technology Officer, Dr. Jasson Casey.
Jasson
Today we are here to test the myths, the rumors and the questions that plague the cybersecurity industry.
Patrick
Today's question is from Eric in Paris, Texas.
Jasson
Ooh, the city of lights.
Patrick
All right. The question is, "Dear Cybersecurity Mythbusters, is it true that a TPM can be hacked?"
Jasson
So what is a TPM? It's a type of security processor. This one was developed by TCG, the Trusted Computing Group, and its function is to help with security things. It first helps to start and remind ourselves a little bit about basic computer architecture. At the core of all of your computing devices is a microprocessor, whether it's a phone, whether it's a desktop. You all have a microprocessor. There is memory that your processor uses, right? That's where you store scratch data. That's where your programs actually operate from. And ultimately, there is a disk, right? Where you store things. When you power off your system, you power it back on, you actually have your data still, you know what to load, your programs have some sort of fixed state.
The problem with this by itself is when I store cryptographic material, when I store cryptographic keys in these forms of medium, they're hard to protect. They're hard to secure, they're easy to get stolen. So enter a TPM, which is really kind of a discrete processor that is distinctly different from the core processor, that actually just does security crypto functions. So I can create a key inside of the TPM with a guarantee that that key never leaves the TPM, or with another type of guarantee where if it does leave the TPM, it must be encrypted by a key that itself cannot leave the TPM. This is great from a security perspective because it gives us some control to shrink the surface area of what's actually vulnerable, and that's a really good thing and a good property for security.
Patrick
Hmm. I think I know just the guy who can help us with this. Let me go see if I can beam him in.
Jasson
He's probably talking about Monty Wiseman. Monty's great. How could he not be? His last name is Wise Man, but more importantly he was a member of the TCG, the Trusted Computing Group. He was a co-author on the specification for the TPM and he was a major contributor at Intel and GE before we found him, and brought him over here to help us with our secure, trusted computing implementations.
Monty
Patrick, Jasson?
Patrick
Oh hey, Monty! We can hear you. Hold on. Let's get you up on the holo screen.
Jasson
Whoa. What's up Monty?
Patrick
Hey Monty, we're trying to answer the question about whether a TPM can be hacked. Can you give us a hand?
Monty
Thank you for asking the question. As you know, I'm an expert in TPMs and very passionate about them because they solve some very critical problems. The first critical problem they solve is access to the authentication material that people use to prove their identity to remote services. Logging into a retail store, for example, logging into your business. The material that's used, for example, that we all know today, which are passwords, are shareable material. The user knows them, the kernel has access to them. Many of the applications and machines have access to them, and the service provider, the, you know, the service you're trying to get into, actually has them too. That's how they prove them.
These secrets are also shared across multiple services. People reuse passwords all the time because they don't wanna make up a very large password unique to every service they want to get to. The TPM does that for you. What the TPM does is it creates a very large number. Users cannot possibly remember them anyway, even if they got to them. But what's more important is the TPM never reveals the secret. It uses it to authenticate you, but it never actually reveals it. Not only do you not have it, but even the kernel, even a low level, high privileged attack on the kernel, cannot get to the secrets inside the TPM.
So therefore, it is truly unphishable. In order to get to the key, that's the second part of the question, would be: can an attacker physically get to it? Yes, they actually can, but it's a very expensive attack on the part of the attacker. They actually have to do something called decap. They have to remove the top of the TPM and/or top of whatever package it's in. And to get to the key, it takes very specialized equipment to read the key. Most of the TPMs have anti-tamper, so they'll actually destroy the key if they think they're being attacked internally. So this makes attacks on the key itself extremely what's called infeasible. Infeasible means not perfect, not completely impossible, but unless you're looking at extremely high value assets, the cost is very high and it's not repeatable across multiple devices. So I'm hoping that answers your question. Patrick and Jasson, thank you very much.
Patrick
Thanks Monty. See you later.
Monty
Thank you!
Patrick
So how would you summarize that?
Jasson
The myth's not busted, the myth is not confirmed. It's nuanced. Number one, which is the best news: there are no known remote exploits for TPMs. Number two, there are known exploits for physical attacks against a machine with a TPM. They're destructive to the machine. They take quite a bit of effort and they take a bit of money to actually set up. The utility of an attack, it's dependent on what's going on on the machine.
Patrick
Got it. Thank you for joining Cybersecurity Mythbusters. If you have any myths that you'd like us to take a look at, please send them in. Can we blow stuff up now?
Jasson
I've been waiting.