Hardware TPM Hacked

Soulskill posted more than 4 years ago | from the matter-of-time dept.

Hardware Hacking 327

BiggerIsBetter writes "Christopher Tarnovsky has pulled off the 'near impossible' TPM hardware hack. We all knew it was only a matter of time; this is why you shouldn't entrust your data to proprietary solutions. From the article: 'The technique can also be used to tap text messages and email belonging to the user of a lost or stolen phone. Tarnovsky said he can't be sure, however, whether his attack would work on TPM chips made by companies other than Infineon. Infineon said it knew this type of attack was possible when it was testing its chips. But the company said independent tests determined that the hack would require such a high skill level that there was a limited chance of it affecting many users. ... The Trusted Computing Group, which sets standards on TPM chips, called the attack "exceedingly difficult to replicate in a real-world environment."'"

327 comments

surprise surprise (5, Insightful)

Anonymous Coward | more than 4 years ago | (#31073678)

'near impossible'

Shouldn't that be 'near inevitable'?

Infineon said it knew this type of attack was possible when it was testing its chips.

Did they mention this in their marketing and when selling the TPM FUD to governments and companies?

"exceedingly difficult to replicate in a real-world environment."

Meaning only powerful criminal organizations, companies and governments can probably gather the required resources and people with the expertise to pull it off? Out of 6.8 billion people, how many have the resources to do this? 1000? 10,000? What about in 5 years? At what point will they admit it's flawed? Probably when TPM2 is fully patented and ready.

Re:surprise surprise (-1)

causality (777677) | more than 4 years ago | (#31073904)

I had a similar thought when I read that part of the summary:

But the company said independent tests determined that the hack would require such a high skill level that there was a limited chance of it affecting many users. ... The Trusted Computing Group, which sets standards on TPM chips, called the attack "exceedingly difficult to replicate in a real-world environment.

Two words: script kiddies. It may take an exceedingly high skill level to come up with an exploit. It may also take a high skill level to package that exploit so anyone can use it with little or no skill. After that, it will become as common as any Windows worm that originally required some skill to create.

There's just no substitute for relatively educated users who have some understanding of the devices they use and the security implications of their decisions and practices. The attempt to create some magical system that transfers all of that into software or a piece of silicon just creates a false sense of security. It makes a very attractive target for criminals to exploit. We really seem determined to refuse to learn this lesson.

Re:surprise surprise (4, Interesting)

Bacon Bits (926911) | more than 4 years ago | (#31073980)

You didn't even read the article, did you? This was a hardhack.

Tarnovsky needed six months to figure out his attack, which requires skill in modifying the tiny parts of the chip without destroying it.

Using off-the-shelf chemicals, Tarnovsky soaked chips in acid to dissolve their hard outer shells. Then he applied rust remover to help take off layers of mesh wiring, to expose the chips' cores. From there, he had to find the right communication channels to tap into using a very small needle.

The needle allowed him to set up a wiretap and eavesdrop on all the programming instructions as they are sent back and forth between the chip and the computer's memory.

It also amuses me that TFS makes the point of blaming "proprietary" solutions. Exactly how would this attack have been prevented by using open source?

Re:surprise surprise (0)

Anonymous Coward | more than 4 years ago | (#31074044)

Don't you know? Open source makes everything happy, with no security issues whatsoever.

Re:surprise surprise (2, Insightful)

sim82 (836928) | more than 4 years ago | (#31074196)

well, now that he knows which chemicals to use and which wires to tap, it should take considerably less than 6 months to do it again. Basically the security of this tpm seems to be mainly based on obscurity (in this case complicated hardware).

Re:surprise surprise (2, Insightful)

mini me (132455) | more than 4 years ago | (#31074214)

The makers of the chip said that they knew of the problem. An open chip maker would also be aware of the problem, but they would make the problem known. This would allow people using the chip to determine if the pros outweigh the cons of the vulnerability.

Re:surprise surprise (0)

Anonymous Coward | more than 4 years ago | (#31074514)

True - however, this assumes that OSS would create a "perfect" chip very rapidly. Because if not, then the public disclosure of exactly how they work would be as much an aid to people trying to find ways to hack it as a liability. In this case, Infineon knew that the hack was possible, but extremely difficult - for OSS to be a better solution, the making-it-easier of Tarnovsky knowing exactly how the chip works and being told about the nature of the problem would have to be balanced by the making-it-harder of the collaborative factor of OSS. Given how difficult it was for Tarnovsky and the resources Infineon would have put into it, while still deciding they could live with the vulnerability, I would guess that an OSS team would struggle to have a big making-it-harder-factor over proprietary.

OSS software competes with proprietary software, but proprietary software has lots of bugs because they know it can be fixed easily by a patch. Proprietary hardware manufacturers tend to put quite a bit more into it (e.g. the XBOX 360 security), which makes the bar for OSS to add value a lot higher. OSS graphics card anyone?

Re:surprise surprise (3, Insightful)

blackraven14250 (902843) | more than 4 years ago | (#31074568)

You didn't answer the question. It was "Exactly how would this attack have been prevented". Nice sidestep, though.

Re:surprise surprise (1, Interesting)

riegel (980896) | more than 4 years ago | (#31074558)

When I give food to the poor, they call me a saint. When I ask why the poor have no food, they call me a Communist.

When you do the giving that's great. When that giving is compelled then it ain't so great.

Re:surprise surprise (4, Funny)

crossmr (957846) | more than 4 years ago | (#31074048)

I had a similar thought when I read that part of the summary:

How about you do something crazy and carry on to the actual article (I know.. I forgot where I was)

The new attack discovered by Christopher Tarnovsky is difficult to pull off, partly because it requires physical access to a computer.....Using off-the-shelf chemicals, Tarnovsky soaked chips in acid to dissolve their hard outer shells. Then he applied rust remover to help take off layers of mesh wiring, to expose the chips' cores. From there, he had to find the right communication channels to tap into using a very small needle.

Two words: script kiddies.

You tell me how you're going to pack acid and rust remover into a downloadable tool and I'll worry.

Re:surprise surprise (1)

camperdave (969942) | more than 4 years ago | (#31074400)

You tell me how you're going to pack acid and rust remover into a downloadable tool and I'll worry.

Getting the cover off of the lock is the best way to find out how to pick it. Once you know how to pick it, you can do it even if the cover is on.

Re:surprise surprise (1)

chill (34294) | more than 4 years ago | (#31074450)

No. This isn't a software hack. It requires physical modification of the chip itself, every time. The chips are sealed in epoxy, so you'd have to get thru that with acid EVERY TIME. You aren't going to automate it with improved knowledge. RTFA.

Re:surprise surprise (0)

Anonymous Coward | more than 4 years ago | (#31074530)

BOM.txt:

"Go to a DIY shop and buy the following:

-acid
-rust remover"

Re:surprise surprise (1)

gomiam (587421) | more than 4 years ago | (#31074156)

Mind you, this is a hardware attack requiring the judicious use of chemicals to expose the circuitry. I somehow doubt there will be a do-it-yourself kit available any time soon.

Re:surprise surprise (3, Insightful)

Jeremy Erwin (2054) | more than 4 years ago | (#31074282)

'near impossible'. Shouldn't that be 'near inevitable'?

No. Consider a strongbox. The best strongboxes, or safes are rated to withstand X minutes of attacking with Y Tools, with the idea being that within those X minutes, the security guards or the police will have responded and arrested the guy patiently drilling holes in the wall. Even though safes have been successfully manipulated, drilled, pried, lanced, or detonated, manufacturers still design strongboxes to thwart burglars, changing locks, adding glass discs, experimenting with new alloys, new shapes, and so on. Inevitably, some thieves will figure out a way to thwart these safeguards, and design begins anew.

It's not as if the burglars have won, and burglary safes are a quaint anachronism.

The TPM should give administrators time to disable credentials in the case of a stolen laptop. But "secret forever" was and probably shall ever remain a pipe dream.

Re:surprise surprise (-1, Redundant)

zippthorne (748122) | more than 4 years ago | (#31074438)

Yeah, but two words: "Script Kiddies"

Stuff that might be hard to *figure out* how to do to a strong box is still insecure in a world where there is a sneaker-net passing around badly photocopied "how-to" step-by-step instructions discovered by the single clever attacker.

Nothing that can be automated can be considered "secure against all but the cleverest attackers"

Re:surprise surprise (4, Informative)

hclewk (1248568) | more than 4 years ago | (#31074566)

It. Can't. Be. Automated.

Re:surprise surprise (1, Insightful)

Opportunist (166417) | more than 4 years ago | (#31074588)

What part of it can be automatized? As soon as that is a possibility, it becomes trivial to execute for anyone.

Cracking computer games with "professional" copy protection requires specialized knowledge as well, as well as a few key tools and the knowledge how to operate them. Yet it can be fully automatized once it has been done once and thus anyone can apply a crack. Cracking the protection of consoles requires a lot of knowledge and information, yet applying it requires a soldering iron and a chip (either bought or self-made). How much of that TPM hack can be streamlined and dumbed down until all the potential attacker needs is a list of hardware to buy and some programs to run?

And suddenly those 1000 multiply.

tpm? (0)

Anonymous Coward | more than 4 years ago | (#31073708)

Can the summary at least explain wtf tpm is?

Re:tpm? (4, Informative)

Lord Ender (156273) | more than 4 years ago | (#31073828)

To encrypt something, you must have a 20-character password minimum to get 128-bit key strength. Nobody likes typing 20 characters, so TPM was invented. TPM stores your key on a separate chip. This chip only coughs up the key if you enter a short password to authenticate yourself to the chip.

The chip uses rate-limiting boot-delays to prevent brute-forcing of the password.

So the only way to get the key is to break the chip apart and look at the hardware somehow. The chips are usually encased in epoxy to make this hard to do. It's never been done before. Now it has... but it's still hard work.

TPM chips come on all business laptops these days, though few businesses make use of them. And they're still better than telling your users to memorize 20 char passwords (which they would just write down).
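The design described above (a short PIN guarding a key, with the chip itself enforcing a growing delay after every wrong guess) as an added Python model, not code from the article, from Infineon or from any TPM specification. The backoff schedule, the delay cap and all names here are assumptions for the illustration; it shows why the PIN's strength rests entirely on the chip doing the check, which is exactly what a physical wiretap of the chip's internals sidesteps.

```python
# Toy model of a sealed key released only for the right PIN, with a
# rate-limiting lockout enforced by the chip. All policy numbers are assumed.
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class SimulatedTpm:
    """Holds a sealed key and releases it only when the PIN matches.

    Assumed lockout policy (hypothetical, not a TPM spec value): after N
    consecutive failures the chip ignores attempts for base_delay * 2**(N-1)
    seconds, capped at max_delay. A correct PIN resets the failure counter.
    """
    pin: str
    key: bytes = field(default_factory=lambda: secrets.token_bytes(16))
    base_delay: float = 1.0
    max_delay: float = 60.0
    failures: int = 0
    locked_until: float = 0.0

    def try_unseal(self, pin_guess: str, now: float):
        """Return (key_or_None, status) for an attempt at simulated time `now`."""
        if now < self.locked_until:
            return None, "locked"          # attempt is ignored while locked out
        if hmac.compare_digest(pin_guess.encode(), self.pin.encode()):
            self.failures = 0              # good PIN resets the counter
            return self.key, "ok"
        self.failures += 1
        delay = min(self.max_delay, self.base_delay * 2 ** (self.failures - 1))
        self.locked_until = now + delay    # caller must wait out this delay
        return None, "bad pin"


def simulate_online_bruteforce(tpm: SimulatedTpm, pin_length: int):
    """Guess every numeric PIN in order through the chip, honouring lockouts.

    Returns (simulated seconds until the key is released, attempts made).
    The attacker here has no way around the chip, so every wrong guess costs
    the full lockout delay; the physical attack in the article removes exactly
    this constraint by reading the key off the die instead of asking the chip.
    """
    now = 0.0
    attempts = 0
    for candidate in range(10 ** pin_length):
        guess = f"{candidate:0{pin_length}d}"
        now = max(now, tpm.locked_until)   # wait until the chip accepts input
        attempts += 1
        key, status = tpm.try_unseal(guess, now)
        if status == "ok":
            return now, attempts
    raise RuntimeError("PIN not found in the searched space")


def offline_bruteforce_seconds(pin_length: int, guesses_per_second: float):
    """Time to exhaust the same PIN space when the check is NOT rate-limited,
    i.e. the attacker can test guesses on their own hardware at full speed."""
    return 10 ** pin_length / guesses_per_second


if __name__ == "__main__":
    chip = SimulatedTpm(pin="1234")
    seconds, tries = simulate_online_bruteforce(chip, 4)
    print(f"through the chip: {tries} attempts, {seconds / 3600:.1f} simulated hours")
    print(f"same space offline at 1000 guesses/s: "
          f"{offline_bruteforce_seconds(4, 1000.0):.0f} seconds")
```

The contrast between the two numbers is the whole argument for keeping the check inside the chip, and also why extracting the key from the silicon, rather than guessing the PIN, is the attack that matters.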

Re:tpm? (1)

characterZer0 (138196) | more than 4 years ago | (#31074028)

Taking the chip apart is hard. Paying off somebody with access to the design documents is easy.

Re:tpm? (1)

Lord Ender (156273) | more than 4 years ago | (#31074200)

What do you expect access to "design documents" will help with?

Re:tpm? (0)

Anonymous Coward | more than 4 years ago | (#31074372)

The password has to be programmed into the chip somehow, knowing the pinouts and the internals will assist in determining how.

Re:tpm? (1)

Lord Ender (156273) | more than 4 years ago | (#31074586)

The hard part will always be taking the chip apart without destroying the data (or the ability to read the data).

Re:tpm? (0)

Anonymous Coward | more than 4 years ago | (#31074116)

It's not a problem:

'ABCDEFGHIJKLMNOPQRST'

What's so hard?

It's the same difficulty as my luggage: '1234'

Re:tpm? (1)

alvinrod (889928) | more than 4 years ago | (#31074590)

20 character passwords aren't hard if you use a passphrase [wikipedia.org]. They're just as easy to memorize (if not easier) and vastly more secure. The only reason I don't use them for everything is that some online services put a limit on maximum password length. It's not really any harder to type in 20 characters than it is to type in 8 if you're good at typing. I understand that people are lazy, but good security doesn't need to be a string of 20 random characters, numbers, and symbols that are difficult to remember.

Read about it (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#31073772)

two days ago. In a newspaper. In New Zealand.

When will they learn (1, Insightful)

santax (1541065) | more than 4 years ago | (#31073802)

That near impossible = possible = bad security. The arrogance to think they are soooo smart and (almost) no-one will be able to crack their design. Well it only takes 1 person. But I am guessing about every secret service in the world already knew how to do this attack.

Re:When will they learn (1)

jdunn14 (455930) | more than 4 years ago | (#31073928)

This paints faaaar too black and white a picture of security. Factoring the huge RSA key that you're using within the next few days is "next to impossible" (the first pair of large primes I try could be the ones) but that doesn't make it bad security. What you have to do is raise the bar high enough that your data/house/identity is adequately protected. Absolutes do not exist. That said, I'm not making a judgment on this particular hack or its difficulty, just that claiming that the ONLY good security is absolutely uncrackable security is incorrect.

Re:When will they learn (1)

santax (1541065) | more than 4 years ago | (#31073998)

I agree with you that absolutes don't seem to exist in the security-world but after reading the article I don't think this is about brute-forcing a key.

Re:When will they learn (1)

crossmr (957846) | more than 4 years ago | (#31073974)

No.. there is a difference between possible and theoretically possible.

The new attack discovered by Christopher Tarnovsky is difficult to pull off, partly because it requires physical access to a computer.

I don't really call any hack that requires "physical access" to be a genuine danger.

If someone has physical access to your box you've got greater worries.

Re:When will they learn (5, Insightful)

noidentity (188756) | more than 4 years ago | (#31074036)

I don't really call any hack that requires "physical access" to be a genuine danger. If someone has physical access to your box you've got greater worries.

Yes, but remember that TPM is about keeping you out of your own computer, so those who would like to do so are worried about this.

Re:When will they learn (1)

Jaysyn (203771) | more than 4 years ago | (#31074348)

Why is this modded troll? Wake up mods!

Re:When will they learn (2, Interesting)

noidentity (188756) | more than 4 years ago | (#31074494)

Obviously a mod who doesn't understand TPM. Or maybe he picked up on the (entirely appropriate) negative undertone of my message, directed at those who want to lock you out of your own computer.

Re:When will they learn (0)

Anonymous Coward | more than 4 years ago | (#31074554)

Because the large majority of TPM implementations are absolutely nothing to do with DRM or privacy concerns, and the GP is scaremongering with no basis?

Re:When will they learn (1)

santax (1541065) | more than 4 years ago | (#31074148)

The best spies in the world had physical access to hardware which they were trusted to. But not to all the information on that computer. Now that goes for governments, but if you're telling me that your mobile, your laptop and your home-pc are always in your sights... and that no-one can open your locks undamaged. Well chapeau to you, but I wouldn't believe you. This is a hack. This is how the spy-business works.

Re:When will they learn (1)

crossmr (957846) | more than 4 years ago | (#31074184)

but how many people that use this are actually going to be targeted by criminals that are capable of this and not have greater worries? Probably zero..
Look at the procedure the guy went through. He'd not only need access, he'd need some time to sit down and get comfy with it. A spy ripping a chip out of your box in your server room and field stripping it is going to get noticed.

Re:When will they learn (1)

santax (1541065) | more than 4 years ago | (#31074350)

Stranger things have happened. Assumption...

Re:When will they learn (1)

nedlohs (1335013) | more than 4 years ago | (#31074492)

Except that almost the entire reason for a TPM chip is to secure against those with physical access. So you can't just declare that physical access invalidates it.

Re:When will they learn (1)

blackraven14250 (902843) | more than 4 years ago | (#31074662)

It's not even remotely easy. One bad move with the acid, and game over. One bit of misplaced rust remover, game over. A wrong push with the needle (where you're dealing with micron-sized pathways) and game over, again. You need a whole lot of time to do this successfully, not just a 5-minute period.

Re:When will they learn (1)

Opportunist (166417) | more than 4 years ago | (#31074712)

"Physical access" in the time of PDAs, smartphones and laptops? Hardly a challenge.

Also don't forget that security is often also a matter of trust. If something is trusted to be "secure", additional layers of security are often ignored because THIS cannot be the leak, so we needn't add more security. I wouldn't deem it impossible that sensitive data may be stored on a TPM protected device because it is "impossible" to break it open, something that would certainly not be permitted if the device was not trusted.

Re:When will they learn (1)

wvmarle (1070040) | more than 4 years ago | (#31074008)

Every password, every encryption key can be brute-forced, given enough time.

No software is flawless.

No hardware is flawless.

Even the strongest bank vault inside the strongest nuclear bunker under the largest mountain defended by an immense army can be breached.

So in your world there is only place for bad security.

Luckily for the rest of us there is also something like "good enough" security that is so secure that breaking it is so expensive/hard that it becomes practically impossible.

Re:When will they learn (1)

Sir_Lewk (967686) | more than 4 years ago | (#31074474)

Generally speaking "given enough time" to bruteforce a key should mean something like "a few orders of magnitude more time than the universe is expected to last before heat death". Not "6 months". Of course, he didn't bruteforce a key here, he compromised a hardware device. Comparing the "imperfect" security of one with the other is a tad disingenuous.

The real problem here is these devices have been pushed as some sort of magic security bullet, without the companies pushing them being honest about the actual amount of security provided.

Also, you cannot brute force OTPs, those are perfect. And software can be proven correct, provided enough time/money, and a detailed specification of exactly what the software is supposed to do.

Re:When will they learn (0)

Anonymous Coward | more than 4 years ago | (#31074012)

That's just ignorance. No attack against security is impossible to achieve. Per your silly little argument, that means all security is bad security.

Security is risk management. If a 'near impossible' attack costs an attacker $1000 to perform, then it's perfectly safe for me to store data that's only worth $999 to the attacker under protection vulnerable to that attack.

This attack requires physical access to the chip, and skill in chemically eroding the case of the chip to expose the guts of the chip.

That doesn't equate to bad security.

Re:When will they learn (1)

Qzukk (229616) | more than 4 years ago | (#31074194)

then it's perfectly safe for me to store data that's only worth $999 to the attacker under protection vulnerable to that attack.

I solved it by hanging a sign on my valuable data saying "This data is only worth $999". After all, it's not like an attacker knows whether it's my bank account information or my shopping list until after they've broken the security.

Re:When will they learn (0)

Anonymous Coward | more than 4 years ago | (#31074098)

Except that fundamentally, NOTHING is truly impossible.

So it is a matter of making things exceedingly difficult, such that the cost of an attack exceeds the potential value of the information obtained from executing the attack.

If you RTFA, the cost and technical complexity of this attack is pretty high, and is more than the benefit you'll gain from most targets implementing this method of security.

Targets that have information valuable enough to justify executing an attack like the one described are likely to have additional/more sophisticated countermeasures in place.

Re:When will they learn (0)

Anonymous Coward | more than 4 years ago | (#31074176)

No security is 100%. Anything that you come up with to secure your computer can be cracked, and they know that, they even say it if you read the article and press releases by the company. This issue here is that Christopher Tarnovsky is one of the top hardware guys in the business, and it took him 6 months to figure the damn thing out. Even with all his notes, a map, and a compass most human beings would not be able to pull this hack off. The security offered by these chips is still pretty damn good.

Re:When will they learn (1)

nedlohs (1335013) | more than 4 years ago | (#31074420)

Bullshit.

All security is breakable - given enough time and money. So all security is just a trade-off how much are you willing to spend and how much inconvenience can you take versus how serious an attack do you need to be secure against.

Is your house built with bank vault doors and walls and floor and ceiling? Does the door have a lock anyway?

Re:When will they learn (1)

rwiggers (1206310) | more than 4 years ago | (#31074462)

Do you REALLY consider any form of encryption as impossible to crack? I'd say all of them are a matter of time.

Re:When will they learn (1)

geekmux (1040042) | more than 4 years ago | (#31074614)

...But I am guessing about every secret service in the world already knew how to do this attack.

What the hell would they need millions of dollars worth of human and electronic resources to crack TPM for when waterboarding supplies are less than ten bucks and you usually get an answer in less than 5 minutes?

Yeah, that may sound like a joke, but seriously, there are enough "old-school" tactics out there to gain access the old fashioned way. Not to mention the threat tactic of labeling you a "terrorist", which immediately qualifies you for "throw-away-the-key" lockup.

Security only buys you time. (1)

tjstork (137384) | more than 4 years ago | (#31073834)

This one line changes things:

The new attack discovered by Christopher Tarnovsky is difficult to pull off, partly because it requires physical access to a computer.

You can't have a piece of hardware make your data safe forever. It only needs to be safe for as long as you use it.

Re:Security only buys you time. (1)

Lord Ender (156273) | more than 4 years ago | (#31073946)

Wrong. Real encryption with real key management can be either impossible (OTP) or effectively-impossible (AES) for someone to get around, even if they have physical access to your machine.

TPM is an attempt to make key management easy, but it comes at the cost of making circumvention really hard (rather than effectively impossible).

Re:Security only buys you time. (1)

ColdWetDog (752185) | more than 4 years ago | (#31074228)

TPM is an attempt to make key management easy, but it comes at the cost of making circumvention really hard (rather than effectively impossible).

Of course, there are even easier methods [xkcd.com]

Nope, wrong... (1)

tjstork (137384) | more than 4 years ago | (#31074718)

Wrong. Real encryption with real key management can be either impossible (OTP) or effectively-impossible (AES) for someone to get around, even if they have physical access to your machine.

You forget that humans are the weakest link. Torture the shit out of someone that knows the password, and you'll be home free.

The best part... (0)

Anonymous Coward | more than 4 years ago | (#31074578)

I wish I could remember which senator was screaming his head off to get these put in all computers as a mandate by the U.S. Federal Government. Just another example of how competent the fed. gov. is and should NOT be trusted to ever tell the populace what they must do!

Yeah, this is going to be a major problem... (4, Insightful)

Admiralbumblebee (996792) | more than 4 years ago | (#31073842)

FTA "Using off-the-shelf chemicals, Tarnovsky soaked chips in acid to dissolve their hard outer shells. Then he applied rust remover to help take off layers of mesh wiring, to expose the chips' cores. From there, he had to find the right communication channels to tap into using a very small needle."

If the attacker has this much physical access to your system/data then you've lost LONG before the TPM chip failed.

Re:Yeah, this is going to be a major problem... (1)

yoyoq (1056216) | more than 4 years ago | (#31073956)

mod parent up

Re:Yeah, this is going to be a major problem... (3, Insightful)

Jeng (926980) | more than 4 years ago | (#31074014)

If the attacker has this much physical access to your system/data then you've lost LONG before the TPM chip failed.

Yes, such as if the computer was stolen. I don't know much about TPM, but I would hazard a guess that one of the selling points would be to keep information secure even if the computer it is in gets stolen.

Re:Yeah, this is going to be a major problem... (1)

rwiggers (1206310) | more than 4 years ago | (#31074560)

In that case it's known to the industry that only storing the keys with battery-backed RAM can minimize this kind of attack.
It's also an interesting breakthrough to see someone achieve this without sophisticated lab equipment.

Am I getting old? (1)

jtownatpunk.net (245670) | more than 4 years ago | (#31073872)

When I saw TPM, the first thing I thought of was the CP/M variant that came with the Epson QX-10.

Re:Am I getting old? (2, Funny)

jfengel (409917) | more than 4 years ago | (#31073990)

Yes, it means you're getting old. On the plus side, your memory appears to be in great shape.

Re:Am I getting old? (1)

bughunter (10093) | more than 4 years ago | (#31074100)

Yea, but unfortunately his short term memory is going.

He forgot the new cover sheet on his TPM report.

Re:Am I getting old? (1)

delirium28 (641609) | more than 4 years ago | (#31074284)

It seems your own memory is fading, for it is a TPS report, not a TPM report, that needs the new cover sheet.

Re:Am I getting old? (1)

Lumpy (12016) | more than 4 years ago | (#31074682)

who are you? and where are my pants?

"high-skill" (1)

mdm-adph (1030332) | more than 4 years ago | (#31073896)

"But the company said independent tests determined that the hack would require such a high skill level that there was a limited chance of it affecting many users."

You're kidding me, right?

Re:"high-skill" (4, Insightful)

PhilHibbs (4537) | more than 4 years ago | (#31074030)

Not sure what you mean. But yes, this does require a high skill level - we don't know how many TPM chips this guy trashed before getting it to work on one, or what his success rate would be on the next one. If he gets a laptop full of Chinese secrets and is asked to crack the TPM chip, he might well fry it on the first attempt, and you don't get second attempts on this kind of thing. It's not the kind of exploit that can be scripted and downloaded by any kiddie.

Re:"high-skill" (1)

mdm-adph (1030332) | more than 4 years ago | (#31074126)

Oh -- I know it's beyond script kiddies, but still, saying that such an exploit isn't to be worried about because it requires "high-skill" -- what really dedicated, evil cracker _isn't_ "high-skill?"

Re:"high-skill" (1)

Lumpy (12016) | more than 4 years ago | (#31074710)

He knows where to look and can measure depth. Now all he needs to do is map out where to drill and how deep, insert a probe into the hole and voila!

refining the hack to increase reliability is very easy once you have more information.

Re:"high-skill" (1)

maxume (22995) | more than 4 years ago | (#31074068)

He dissolved the outside of the chip without destroying the insides, and then he electrically accessed the chip with a needle.

So, no kidding.

Difficult? (0)

Angst Badger (8636) | more than 4 years ago | (#31073938)

The requirement for physical access aside, it really doesn't matter how difficult the rest of the process is, since someone will eventually figure it out and implement software to do it automatically so any script kiddie can do it. Math -- crypto included -- is funny that way. Considering the amount of money companies invest in products like these, you'd think they'd figure that out sooner or later.

Re:Difficult? (2)

trampel (464001) | more than 4 years ago | (#31074034)

I somehow doubt that somebody will implement software to open the device package and depassivate the chip to probe internal signals.

In essence, what he seems to have done is open the chip to extract the keys (or data that allowed computing the keys).

Re:Difficult? (0)

Anonymous Coward | more than 4 years ago | (#31074122)

Read the goddamn article. "Using off-the-shelf chemicals, Tarnovsky soaked chips in acid to dissolve their hard outer shells. Then he applied rust remover to help take off layers of mesh wiring, to expose the chips' cores. From there, he had to find the right communication channels to tap into using a very small needle."
Good luck writing software that does this automatically.

Re:Difficult? (1)

Monkeedude1212 (1560403) | more than 4 years ago | (#31074266)

This is a hardware hack (see title).

In order to hack it, you need to do some stuff with your hands, you need the physical device. You can't hand this to a script kiddie and he'll be breaking into the NSA in no time.

I don't think it's Infineon's responsibility for this "vulnerability" at all. You'd need to be someone within the same field as Christopher Tarnovsky, and someone with roughly as much knowledge. If you don't know who he is, look him up. He is pretty much at the top of his field.

This is like how your house is vulnerable because the lock on the front door can be picked by a lockpicking expert or locksmith. Yet - no one is complaining.

Re:Difficult? (2, Insightful)

jpmorgan (517966) | more than 4 years ago | (#31074296)

And you'd think posters would try reading the article before sounding smarmy and dismissing the abilities of others. Funny that.

Given that the first step of the "attack" is physically dissolving the chip's outer packaging in an acid bath... I'm guessing this won't be showing up in script-kiddie toolchains any time soon.

Does anyone know if this leads to a soft-hack (1)

DarkOx (621550) | more than 4 years ago | (#31073942)

So he did this by accessing the information in the chip's protected storage. Now that he has done this, does it let us get at the set of possible keys or anything that would allow a software solution to defeating these things?

Re:Does anyone know if this leads to a soft-hack (1)

jpmorgan (517966) | more than 4 years ago | (#31074268)

Given that the first step in the hack is removing the chip and dissolving its outer casing in acid, I'm guessing this isn't likely to admit a purely software exploit.

In other words, RTFA.

Re:Does anyone know if this leads to a soft-hack (2, Insightful)

SomeJoel (1061138) | more than 4 years ago | (#31074460)

Given that the first step in the hack is removing the chip and dissolving its outer casing in acid, I'm guessing this isn't likely to admit a purely software exploit.

In other words, RTFA.

What the GP was asking is that now that this has been broken once, does the data obtained from said break-in provide enough information to devise a software solution?

For instance, if the data obtained indicated that passwords always resolve to a relatively small subset of hashes, then brute force attacks would have a much faster time of it. But hey, way to play the RTFA card without understanding the question.

Infinitely Improbable == Finitely Probable (1)

fuzznutz (789413) | more than 4 years ago | (#31074090)

All you need is a good source of Brownian Motion.

Re:Infinitely Improbable == Finitely Probable (1)

Critical Facilities (850111) | more than 4 years ago | (#31074248)

Inventory: no tea

Dang it!

Maybe it's time to rethink "digital everything"... (1)

logicassasin (318009) | more than 4 years ago | (#31074108)

Seriously... We're reading about how Chinese baddies are doing this and that to gain access to secrets and whatnot and it seems like every few weeks some previously unbreakable form of encryption has been compromised. Maybe it's time to greatly reduce our dependency on the digital world to secure trade and state secrets. I mean... Laptops and phones are lost/stolen all the time, why would anyone in their right mind trust transporting state secrets on a flippin' laptop??? We all know it happens and we all know it's just a matter of time before something horrible happens because some high ranking official has his laptop stolen while playing "toe tap" in the bathroom stalls of some random airport.

Re:Maybe it's time to rethink "digital everything" (1)

ColdWetDog (752185) | more than 4 years ago | (#31074278)

So, you want to go back to analog? Is that what you're saying?

Re:Maybe it's time to rethink "digital everything" (1)

mrjb (547783) | more than 4 years ago | (#31074312)

Maybe it's time to greatly reduce our dependency on the digital world to secure trade and state secrets.

Make sure to hand in your geek card on the way out.

Obligatory XKCD (1)

Voyager529 (1363959) | more than 4 years ago | (#31074128)

http://xkcd.com/538/ [xkcd.com]

If the data is valuable enough to steal a computer and try to hack the TPM chip using acid and needles, then it's valuable enough to threaten the person with the password to divulge it.

Re:Obligatory XKCD (1)

John Hasler (414242) | more than 4 years ago | (#31074550)

> ...it's valuable enough to threaten the person with the password to divulge
> it.

That only works if you have both the computer and the person. Rubber hose cryptography is of little use if you have the laptop because a British cabinet member left it in a taxi.

Re:Obligatory XKCD (1)

jgtg32a (1173373) | more than 4 years ago | (#31074678)

A government employee? The password is 12345

It does not matter how hard it was/is. (1)

Yaa 101 (664725) | more than 4 years ago | (#31074178)

It does not matter how hard it was/is.

This message of success will assure that many other outfits will have a try at it for various reasons.

It's the proverbial ghost out of the bottle.

Solution is quite obvious (3, Funny)

funkman (13736) | more than 4 years ago | (#31074186)

Since using this technique involves reverse engineering the chip, this is a clear violation of the DMCA. So just find your local attorney and prosecute.

Problem solved. Nothing to see here move along. Thanks for playing. :)

Step 1 - decap the chip without killing it (4, Insightful)

sillivalley (411349) | more than 4 years ago | (#31074244)

While decapping chips is done all the time in failure analysis labs, it isn't easy, and it's even harder if you're trying not to damage the chip (or yourself) in the process.

Decapping usually involves concentrated nitric and/or sulfuric acids. Temperature control is important. You want to carefully dissolve the plastic without destroying the lead frame and/or the bonding wires going from the lead frame to the die. You also want to complete this process without losing any fingers or your eyesight -- highly concentrated acids. Rinse carefully with deionized water and test to make sure the chip is still functional.

Now you can feed the chip to your electron beam probe, FIB mill, or just take pretty pictures.

Not the kind of thing you're going to do in your kitchen!

Unlimited physical access. (1)

Low Ranked Craig (1327799) | more than 4 years ago | (#31074324)

This required physical access to the device. If you have unlimited physical access to any device, digital or analog, you will eventually be able to crack it, assuming you have the available resources. The key is to keep the bad guys from getting access in the first place, which isn't always possible. Even the best security has numerous weak points, like the security guards that only make $40K a year, or people that leave their devices unattended in public places.

Probably best to store all critical information on punch cards and secure them in a burn safe guarded by people that are already multi-millionaires.

CHALLENGE TO TARNOVSKY (4, Insightful)

SiliconEntity (448450) | more than 4 years ago | (#31074352)

I've been reading about this hack for days, but something seems fishy. Some of the earlier reports [computerworld.com] had him hacking the SLE 66 CL processor chip which is embedded in the TPM, not the TPM itself. This article also describes him as having to work with many copies of the chip to discover its secrets, but it has the chips being inexpensive ones from China. Problem is that Infineon is a German company and I don't think you can get Infineon TPMs cheaply from China. Putting this together, it's not clear to me that he has truly hacked an Infineon TPM. He may have hacked a similar chip and he assumes that the same attack would work on TPM.

However, there is a way for him to easily prove that he has done what he said. Every Infineon TPM comes with an RSA secret key embedded in it, called the Endorsement Key or EK. This key is designed to be kept secret and never revealed off-chip, not to the computer owner or anyone. And Infineon TPMs also come with an X.509 certificate on the public part of the EK (PUBEK), issued by Infineon. If Tarnovsky has really hacked an Infineon TPM and is able to extract keys, he should be able to extract and publish the private part of the EK (PRIVEK), along with the certificate by Infineon on that key. The mere publication of these two pieces of data (PRIVEK and Infineon-signed X.509 cert on PUBEK) will prove that his claim is true.
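The check this post calls for, written out as an added Go example that is not taken from the article, Infineon or Tarnovsky: it builds a constructed RSA key pair and a self-signed certificate standing in for the EK and its Infineon-issued certificate (assumptions for the demo: a real EK certificate is signed by the manufacturer's CA, and the private half is generated inside the TPM and never exported), then verifies that a claimed private key is the one bound in the certificate by comparing the RSA parameters and by a signature round trip. It also shows the less drastic form of the same proof, a signature over a verifier-chosen nonce checked against the certificate's public key, which demonstrates possession without publishing PRIVEK at all.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// MakeConstructedEK returns a stand-in Endorsement Key and a self-signed
// certificate over its public half. Constructed test material only: a real
// EK certificate is signed by the manufacturer's CA, and the private key is
// generated inside the TPM and never leaves it.
func MakeConstructedEK() (*rsa.PrivateKey, []byte, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "constructed EK certificate (not manufacturer-issued)"},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageKeyEncipherment,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &priv.PublicKey, priv)
	if err != nil {
		return nil, nil, err
	}
	return priv, der, nil
}

// certRSAKey extracts the RSA public key a DER certificate binds.
func certRSAKey(certDER []byte) (*rsa.PublicKey, error) {
	cert, err := x509.ParseCertificate(certDER)
	if err != nil {
		return nil, err
	}
	pub, ok := cert.PublicKey.(*rsa.PublicKey)
	if !ok {
		return nil, errors.New("certificate does not carry an RSA public key")
	}
	return pub, nil
}

// PrivateKeyMatchesCert is the check a verifier runs on a published private
// key: modulus and exponent must equal the certificate's, and a signature made
// with the key must verify under the certificate's public key. Comparing
// parameters alone would accept a key with the right modulus but a wrong
// private exponent.
func PrivateKeyMatchesCert(priv *rsa.PrivateKey, certDER []byte) (bool, error) {
	pub, err := certRSAKey(certDER)
	if err != nil {
		return false, err
	}
	if pub.N.Cmp(priv.N) != 0 || pub.E != priv.E {
		return false, nil
	}
	challenge := []byte("constructed verifier challenge")
	sig, err := SignChallenge(priv, challenge)
	if err != nil {
		return false, nil
	}
	return VerifyChallenge(certDER, challenge, sig) == nil, nil
}

// SignChallenge is the claimant's side of the proof-of-possession variant:
// sign a verifier-chosen nonce (RSA PKCS#1 v1.5 over SHA-256). No secret
// material leaves the claimant.
func SignChallenge(priv *rsa.PrivateKey, challenge []byte) ([]byte, error) {
	digest := sha256.Sum256(challenge)
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
}

// VerifyChallenge is the verifier's side: the signature must verify under the
// public key the certificate binds. The nonce must be fresh for every run so a
// recorded signature cannot be replayed.
func VerifyChallenge(certDER, challenge, sig []byte) error {
	pub, err := certRSAKey(certDER)
	if err != nil {
		return err
	}
	digest := sha256.Sum256(challenge)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig)
}

func main() {
	priv, certDER, err := MakeConstructedEK()
	if err != nil {
		panic(err)
	}
	ok, _ := PrivateKeyMatchesCert(priv, certDER)
	fmt.Println("published key matches certificate:", ok)

	other, _ := rsa.GenerateKey(rand.Reader, 2048) // unrelated key, must be rejected
	ok, _ = PrivateKeyMatchesCert(other, certDER)
	fmt.Println("unrelated key matches certificate:", ok)

	nonce := make([]byte, 32)
	rand.Read(nonce)
	sig, _ := SignChallenge(priv, nonce)
	fmt.Println("challenge signature verifies:", VerifyChallenge(certDER, nonce, sig) == nil)
}
```

Against a real claim, the verifier would additionally chain the EK certificate to the manufacturer's CA before trusting the public key it carries; the self-signed certificate here skips that step only because the material is constructed.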

Create a metal chip enclosure? (0)

Anonymous Coward | more than 4 years ago | (#31074358)

Obviously this works because it's possible to remove the (plastic/something) filling that the chip is made of and expose its circuitry.

Would it be possible to cover the circuitry with something that is extremely difficult to remove without also damaging the circuitry? I would guess either something that requires any form of mechanical removal (obviously - glass?), or a less conductive metal alloy. If possible, even that a vital piece made of X is covered by material Y, and vital piece made of Y very very close to it is covered by material X, obviously the bottom layer connected and the top one isolated. Plastic/unconventional semiconductors anyone?

Thank you (0)

Anonymous Coward | more than 4 years ago | (#31074362)

Thank you, Tarnovsky. Thankovsky.

Re:Thank you (0)

Anonymous Coward | more than 4 years ago | (#31074476)

What do you think of when you hear the word "sulphur"? The benediction of our lady Margaret? Hydrosulphonic fluoridation of tetramedicine? Or maybe you think of something else entirely. But think again, because sulphur is one of the building blocks of life itself. Alpha, sulphur. Write that down.

This is good news (0)

Anonymous Coward | more than 4 years ago | (#31074408)

When the computer is trying to protect its owner's secrets, the key should be in the owner's head, not stored in a chip.

If the owner of the device knows the keys that will decrypt their data, then having physical access should get them everything they want. Defeating TPM shouldn't be a problem, because TPM shouldn't be relied on in the first place. If you're using TPM in this situation, then your system is mis-designed and you needed to fix that even before TPM was defeated.

That type of scenario aside, the most common use for TPM that people talk about, is where the owner knows what they're supposed to know, but the chip is supposed to still treat them as hostile and not let them access whatever they want. We're talking about DRM. That is not a legitimate case and The World Won't Miss You.

hardware security (1)

pizzap (1253052) | more than 4 years ago | (#31074510)

Please also note that even if we assume somebody “cracked” the TPM chip (e.g. using an electron microscope, or NSA backdoor), that doesn’t mean this person can automatically get access to the encrypted disk contents. This is not the case, as the TPM is used only for ensuring trusted boot. After cracking the TPM, the attacker would still have to mount an Evil Maid attack in order to obtain the passphrase or key. Without TPM this attack is always possible.

(http://theinvisiblethings.blogspot.com/2009/10/evil-maid-goes-after-truecrypt.html)
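What "the TPM is used only for ensuring trusted boot" amounts to, as an added Go example that is not from the post or the linked article: PCR extension is modelled as a forward-only hash chain, a sealed secret is bound to the expected PCR value by using that value as AES-GCM associated data, and a boot chain whose bootloader has been swapped (the evil maid's modification) measures to a different PCR and therefore cannot unseal. The storage key, boot components and secret are constructed values; the SHA-256 bank and the AES-GCM wrapping are simplifying assumptions (TPM 1.2 PCRs use SHA-1, and the TPM's real sealing format differs).

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// ExtendPCR models a TPM PCR extend: the register can only be folded forward,
// never written directly, so a component that runs later cannot erase the
// measurement of whatever ran before it. PCR' = H(PCR || H(component)).
func ExtendPCR(pcr [32]byte, component []byte) [32]byte {
	m := sha256.Sum256(component)
	return sha256.Sum256(append(pcr[:], m[:]...))
}

// MeasureBootChain folds an ordered boot chain (firmware, bootloader, kernel,
// ...) into one PCR value starting from the all-zero reset state.
func MeasureBootChain(chain [][]byte) [32]byte {
	var pcr [32]byte
	for _, c := range chain {
		pcr = ExtendPCR(pcr, c)
	}
	return pcr
}

// SealedBlob is a secret wrapped under the (constructed) TPM storage key and
// bound to the PCR value it was sealed against.
type SealedBlob struct {
	Nonce      []byte
	Ciphertext []byte
}

func newAEAD(storageKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(storageKey)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal wraps secret so that it is only recoverable when the PCR presented at
// unseal time equals expectedPCR; the PCR is the AEAD's associated data.
func Seal(storageKey, secret []byte, expectedPCR [32]byte) (SealedBlob, error) {
	aead, err := newAEAD(storageKey)
	if err != nil {
		return SealedBlob{}, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return SealedBlob{}, err
	}
	return SealedBlob{Nonce: nonce, Ciphertext: aead.Seal(nil, nonce, secret, expectedPCR[:])}, nil
}

// Unseal releases the secret only under the sealed-to PCR value: any other
// boot chain changes the associated data and the GCM tag check fails.
func Unseal(storageKey []byte, blob SealedBlob, currentPCR [32]byte) ([]byte, error) {
	aead, err := newAEAD(storageKey)
	if err != nil {
		return nil, err
	}
	pt, err := aead.Open(nil, blob.Nonce, blob.Ciphertext, currentPCR[:])
	if err != nil {
		return nil, errors.New("PCR policy not satisfied: boot chain differs from the sealed state")
	}
	return pt, nil
}

func main() {
	storageKey := bytes.Repeat([]byte{0x42}, 32) // constructed TPM storage key
	genuine := [][]byte{[]byte("firmware v1"), []byte("bootloader v1"), []byte("kernel v1")}
	tampered := [][]byte{[]byte("firmware v1"), []byte("bootloader v1 (evil maid)"), []byte("kernel v1")}
	secret := []byte("constructed volume-key share")

	blob, err := Seal(storageKey, secret, MeasureBootChain(genuine))
	if err != nil {
		panic(err)
	}
	got, err := Unseal(storageKey, blob, MeasureBootChain(genuine))
	fmt.Printf("genuine boot:  secret=%q err=%v\n", got, err)
	got, err = Unseal(storageKey, blob, MeasureBootChain(tampered))
	fmt.Printf("tampered boot: secret=%q err=%v\n", got, err)
}
```

The sealed value stands in for whatever the TPM releases to a correctly measured boot; in the configuration the post describes the disk key still depends on the user's passphrase, which is why an attacker who cannot get past the measurement falls back to modifying the boot chain to capture that passphrase, and why the modification itself shows up as a changed PCR.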

Once you have physical access to the machine... (1)

ub3r n3u7r4l1st (1388939) | more than 4 years ago | (#31074632)

ANY type of security will become crackable.

TPM scares me (0)

Anonymous Coward | more than 4 years ago | (#31074686)

I remember years ago when ThinkPads introduced TPM chips there were engineers rattling off a long list of attacks the chips were not designed to protect against. Yes someone hacked it (with a needle?!??!?) but it's like having your way with unencrypted and non-identity protected MS SMB protocols... You can demonstrate it and oooh an audience at Defcon but everyone who mattered already knew it could be done anyway.

My problem with the technology is not that it needs to have explosives built into the casing when people start sticking pins or put EM probes in the vicinity the IC instantly vaporizes. While that would certainly be cool it's more of a basic question - what is the problem that TPM is trying to solve? Who does TPM protect what from?

Let's take the full disk encryption scenario for example. If you really care about your data you'll cheerfully input a novel passphrase each and every time the computer boots to gain access without question and make sure the memory is wiped and placed in a secure vault :) when the computer is not under your direct supervision.

There's too much entropy in the key to make a brute force attack feasible so you're just as safe as any other way of producing a master encryption key. If your computer is stolen just get another one and plop in a backup disk you've been keeping on the shelf and go on your merry way. The thief gets new hardware and none of your data.

How does a TPM make this scenario any better? It may make key management and rotation easier and more secure, it may protect components of the hardware from their owners..etc. But when you look at the basic equation if the TPM goes south or the computer dies then your data is now SOL because you can't access it. The management function of TPM is a tradeoff and IMHO not a good -- perhaps it's necessary for general purpose use.

Use of TPM is better than morons using low entropy finger prints to log into their computers but at the end of the day in my view the technology seems to be answering the wrong question anyway.
