Trusted Platform Module Cryptography Chip Hacked

Christopher Tarnovsky, a computer security consultant from Vista, California, has found a way to hack into Ideazon’s TPM, a device that is used in millions of computers to store encrypted data securely. It’s a pretty in-depth hardware hack, and it requires physical access to the device, so for most users this will be a non-issue, but for top-level government agencies it could cause a few problems if sensitive devices are lost or stolen.

Ideazon Trusted Platform Module

Christopher revealed his hack during his presentation at Black Hat 2010. The method is wicked-hard, involving removal of the chip’s case and top layer [dissolved using acid!], then tapping into a data bus to get at unencrypted data. The chip still has some tricks up its sleeve and includes firmware traps that keep a lookout for this type of attack, shutting down if it’s detected. Infineon commented that they knew this was possible but regard it as a low threat due to the high skill level necessary for success.