Tpmfail: a timing attack that can extract keys from secure computing chips in 4-20 minutes

Daniel Moghimi, Berk Sunar, Thomas Eisenbarth and Nadia Heninger have published TPM-FAIL: TPM meets Timing and Lattice Attacks, their Usenix security paper, which reveals a pair of timing attacks against trusted computing chips ("Trusted Computing Modules" or TPMs), the widely deployed cryptographic co-processors used for a variety of mission-critical secure computing tasks, from verifying software updates to establishing secure connections.

The attacks can be mitigated with a firmware update from Intel, which you should really install, as the Tpmfail attacks can be executed over never-seen short timescales in the range of 4-20 minutes.

The attacks target the ST33 TPM chip and Intel PTT,a software-based TPM. There's proof-of-concept code coming on Github, and a dedicated website that goes into detail on the theoretical basis for these attacks.

Successful attacks on TPMs are a really big deal: for many security applications, a TPM is presumed to be completely immune to remote attacks, with every other security measure relying on the TPM's integrity.

Chances are this won't be the last attack like this we see; as with Spectre and Meltdown, the discovery of a new way to compromise a system often sparks inspiration among other researchers, who dream up new and devious variations on the theme.

A hacker can use these vulnerabilities to forge digital signatures. If your operating system or any of the applications on your computer use the TPM to issue such digital signatures, the private signing key used for signature generation can be compromised. Compromised signing keys can be used to forge signatures for bypassing Authentication, tampering the OS, and other bad things depending on what the digital signatures are used for.

TPM.fail

TPM-FAIL: TPM meets Timing and Lattice Attacks [Daniel Moghimi, Berk Sunar, Thomas Eisenbarth and Nadia Heninger/Usenix Security 2020]

TPM-FAIL [Github]

TPM-FAIL vulnerabilities impact TPM chips in desktops, laptops, servers [Catalin Cimpanu/Zdnet]

(via /.)