Formal Security Analysis on Trusted Platform Module Based on Applied π Calculus

Xu Shiwei; Zhang Huanguo

Journal of Computer Research and Development > 2011 > 48(8): 1421-1429.

Xu Shiwei, Zhang Huanguo. Formal Security Analysis on Trusted Platform Module Based on Applied π Calculus[J]. Journal of Computer Research and Development, 2011, 48(8): 1421-1429.

Citation:

Xu Shiwei, Zhang Huanguo. Formal Security Analysis on Trusted Platform Module Based on Applied π Calculus[J]. Journal of Computer Research and Development, 2011, 48(8): 1421-1429.

Citation:

Xu Shiwei, Zhang Huanguo. Formal Security Analysis on Trusted Platform Module Based on Applied π Calculus[J]. Journal of Computer Research and Development, 2011, 48(8): 1421-1429.

PDF (934 KB)

Formal Security Analysis on Trusted Platform Module Based on Applied π Calculus

Xu Shiwei^1,2,3,
Zhang Huanguo^1,2,4

1(Computer School, University of Wuhan, Wuhan 430072) 2(Key Laboratory of Aerospace Information Security and Trusted Computing(Wuhan University), Ministry of Education, Wuhan 430072) 3(School of Computer Science, Birmingham University, Birmingham, United Kingdom B15 2TT) 4(State Key Laboratory of Software Engineering(Wuhan University), Wuhan 430072)

More Information

Published Date: August 14, 2011

Graphical Abstract

Abstract

Abstract

Trusted computing is a popular paradigm to enable computers to achieve a greater level of security than is possible in software alone. The core hardware component, named trusted platform module (TPM), is designed to achieve this goal. As there are many relevant products on the market and some attacks have already been found, it is very necessary to carry out the security analysis of TPM. However, because TPM is a complex security component whose specification is too long to be completely covered, the existing work hasnt formally or fully analyzed the issues about the various security properties. An applied π calculus model of the interactive processes between TPM and its user is proposed as a solid foundation for discussing the various security properties. Based on the formal model, the secrecy, authentication and weak secrecy problems of TPM are identified and formalized, some known attacks are rediscovered and some new attacks are found via a formal way rather than descriptions in natural language. Furthermore, the fixing proposals for the corresponding security vulnerabilities are presented and verified. In order to make the analysis and verification more accurate and efficient, the automatic theorem proving tool is also used during the analysis and verification.
- trusted computing,
- trusted platform module (TPM),
- applied π calculus,
- concurrent processes,
- security analysis

FullText(HTML)

References (0)

[1]	Luo Yating, He Hongjie, Chen Fan, Qu Lingfeng. Security Analysis of Image Encryption for Redundant Transfer Based on Non-Zero-Bit Number Feature[J]. Journal of Computer Research and Development, 2022, 59(11): 2606-2617. DOI: 10.7544/issn1000-1239.20210558
[2]	Qu Lingfeng, He Hongjie, Chen Fan, Zhang Shanjun. Security Analysis of Image Encryption Algorithm Based on Block Modulation-Scrambling[J]. Journal of Computer Research and Development, 2021, 58(4): 849-861. DOI: 10.7544/issn1000-1239.2021.20200011
[3]	Wang Lina, Wang Kaige, Xu Yibo, Tang Benxiao, Tan Xuanze. An Evaluation of Carrier Security for Image Steganography Based on Residual Co-Occurrence Probability[J]. Journal of Computer Research and Development, 2018, 55(12): 2664-2673. DOI: 10.7544/issn1000-1239.2018.20170757
[4]	Yin Jun, Ma Chuyan, Song Jian, Zeng Guang, Ma Chuangui. Security Analysis of Lightweight Block Cipher ESF[J]. Journal of Computer Research and Development, 2017, 54(10): 2224-2231. DOI: 10.7544/issn1000-1239.2017.20170455
[5]	Lu Yemian, Ying Lingyun, Su Purui, Feng Dengguo, Jing Erxia, Gu Yacong. Security Analysis and Evaluation for the Usage of Settings Mechanism in Android[J]. Journal of Computer Research and Development, 2016, 53(10): 2248-2261. DOI: 10.7544/issn1000-1239.2016.20160449
[6]	Li Yongji, Li Shixian, and Zhou Xiaocong. Bialgebraic Semantics of the Typed π-Calculus[J]. Journal of Computer Research and Development, 2012, 49(8): 1773-1780.
[7]	Gu Yonggen, Fu Yuxi. Formal Analysis of Security Protocol Based on Process Calculus and Knowledge Derivation[J]. Journal of Computer Research and Development, 2006, 43(5): 953-958.
[8]	Zhou Wei, Yin Qing, and Wang Qingxian. Abstract Security Properties in Process Algebra[J]. Journal of Computer Research and Development, 2005, 42(12): 2100-2105.
[9]	Han Xiaoxi, Yao Gang. The Combined Use of FAPKC Without Compromising the Security of the Cryptosystem[J]. Journal of Computer Research and Development, 2005, 42(10): 1692-1697.
[10]	Zhuo Jiliang, Li Xianxian, Li Jianxin, and Huai Jinpeng. A New Taxonomy of Attacks on Security Protocols and Their Security Evaluation[J]. Journal of Computer Research and Development, 2005, 42(7): 1100-1107.