news / tech talk

Trusted Platform Module

by Lee LeClair
02/10/2010
As seen in Inside Tucson Business

The Trusted Platform Module (TPM) caused shockwaves this week as the story of how it was cracked hit the headlines. A TPM is a hardware chip that was developed for the purpose of providing a tiny secure vault of encryption capability to be used on all kinds of commercial devices like laptops, desktops, Xbox 360 game consoles, TVs, satellite TV receivers etc. The intent was to provide an inexpensive but highly secure way to protect content and millions have already been produced and sit on motherboards of all types. The chip can encrypt data of all types and many security conscious individuals and companies have already incorporated its use to protect data and verify its integrity as well as positively identify unique devices.

Christopher Tarnovsky, a security consultant, took six months to crack the chip using chemical baths to remove layers of the outer material. He then used a highly sensitive tiny probe to eavesdrop on the communications channels inside the chip itself. Once he found the right places to tap without triggering software failsafes, he could "see" and record the encryption processes going on including the key used and then reverse the entire process in effect nullifying the chips capabilities.

What is the impact of this? Some are already arguing that the process used is so complex and difficult that it is unlikely to be duplicated. However when large amounts of money are at stake as they are in satellite TV, gaming, and other kinds of piracy, it is likely that Tarnovsky's crack will be replicated, refined, and turned into a quick process for mass production. It is simply supply and demand. That is assuming Tarnovsky is the first to have achieved this crack. True pirates with high technical skills like some in Russia and China may have already achieved this but would not reveal it as their plan would be to profit from it in a different way than gaining notoriety as a security consultant.

For corporate data users, it depends on the threat. For example, a user who encrypts their hard drive or files using the TPM would believe it to be quite safe. Even if a "protected" laptop were stolen, one might sleep soundly believing that the encrypted data on it quite safe. For most people, that would be true however if the perpetrator was a corporate rival and the laptop stolen belonged to a finance executive then there might definitely be an issue and one would need to proceed accordingly.

From a nation-state perspective, this crack simply verifies that the TPM is of little use other than to protect sensitive but unclassified data. Some articles have mistakenly stated that the TPM is used to protect classified information from some government agencies but that is not true. In the US, any classified information must be encrypted with NSA's Type I encryption which is proprietary and unavailable to the public.

Does this mean that encryption is useless? Not at all, it simply means that the system as a whole must be equally well protected, not just the encryption algorithm. The TPM uses AES encryption which is as sound as it ever was. What was broken with the TPM is the shell of hardware and software protection mechanisms that protected the internal processing of those encryption algorithms. A similar issue occurred recently with an allegedly secure encrypted flash drive. In the same vein, the flash drive was cracked by subverting the mechanism that performed the encryption - not the encryption itself.

The whole episode underlines a common issue with security and commercial entities. The market wants an easy solution that will solve all the ugly security problems. Vendors try to sell a product that will "make all the problems go away". Unfortunately, many frustrated and desperate customers hear what they want to hear and blindly accept the "silver bullet" solution and move forward. The lesson is that one should always be skeptical when it comes to security. Any security solution provides a delay in the amount of time it would take an attacker to get in, nothing provides perfect security that lasts forever.

Lee Le Clair is the CTO at Ephibian. His Tech Talk column appears the third week of each month in Inside Tucson Business