SHA-1 Uses in TPM v1.2

Date Published: January, 01, 2011

This document catalogs the usages of SHA-1 in the TPM v1.2 specifications and assesses the impact of the collision attacks discovered in 2005 against them. In general the TCG took several precautions to guard against collision attacks, such as concatenating fresh randomly generated values or randomly generated values unknown to the outside to the data before hashing.

Also, the use of fixed structures in the data impedes the ability of an attacker to manipulate the data to effectively carry out a collision attack.
We did find one corner case in which the RSA signature command may hash the input before signing. In this case the TCG inadvertently chose a value outside of the TPM’s control to concatenate to the data before signing. Had they been consistent in choosing a fresh randomly generated value, there would be no problem here. Otherwise, the TPM uses SHA-1 in a manner that protects the TPM and its responses from the SHA-1 collision attacks.
SHA-1 Uses in TPM verstion 1.2 – Download this White Paper.
Tags:

Join

Membership in the Trusted Computing Group is your key to participating with fellow industry stakeholders in the quest to develop and promote trusted computing technologies.

Join Now

Trusted Computing

Standards-based Trusted Computing technologies developed by TCG members now are deployed in enterprise systems, storage systems, networks, embedded systems, and mobile devices and can help secure cloud computing and virtualized systems.

Read more

Specifications

Trusted Computing Group announced that its TPM 2.0 (Trusted Platform Module) Library Specification was approved as a formal international standard under ISO/IEC (the International Organization for Standardization and the International Electrotechnical Commission). TCG has 90+ specifications and guidance documents to help build a trusted computing environment.

Read more
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.