On 11/12/2014 2:51 PM, David Li wrote: > Hi John, > > This man page helps a lot! > > My PCR hashes are generated by the motherboard vendor. I have a > question: Can an attacker easily change or swap these hash values inside > the TPM if he has the root privilege? I am not talking about MITM attack > that intercepts the PCR values on the fly but rather attacks that change > PCR values somehow after boot and before quote and verification operations.
No. There is no way for anyone, even root, to directly write a value to a PCR. It's called an extend. Once an input is extended, there is no "undo". > I investigated this question and thought this would be difficult. The > first measurement should be P1 = Hash(CRTM) where CRTM is the static > Core Root of Trust Measurement. It's immutable. All subsequent hashes > include this first hash value, i.e. P2 = Hash(P1|| Firmware2). So this > is not possible UNLESS the attacker can command the CRTM to recreate the > first hash P1 and then insert his own firmware measurements on top of that. If the attacker can change the CRTM, they win. The platform manufacturer is supposed to make the CRTM immutable. In practice, this means that it can't be changed through a remote attack. ------------------------------------------------------------------------------ Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk _______________________________________________ TrouSerS-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-users
