Sign In

Communications of the ACM

ACM TechNews

Security Chip That Does Encryption in Pcs Hacked

View as: Print Mobile App Share:
Christopher Tarnovsky

Christopher Tarnovsky spoke at the Black Hat Briefings in Arlington, Va.

Credit: AP Photo / Jacquelyn Martin

Security consultant Christopher Tarnovsky recently discovered a way to break chips that carry a Trusted Platform Module (TPM) designation by essentially spying on them like a phone conversation. Chips that use TPM technology are considered the most secure available and are used in as many as 100 million PCs and servers, according to IDC. Tarnovsky says his technique also can be used to tap text messages and email from a lost or stolen phone.

However, the Trusted Computing Group, which sets standards on TPM chips, called the attack "exceedingly difficult to replicate in a real-world environment" because of the time, money, and skill required. Tarnovsky needed six months to hack the chip. He first soaked the chips in acid to expose the core. Then he found the right communication channels that connect the chip to the computer's memory.

Tarnovsky's method represents a huge advancement that chip companies should take seriously because it shows that presumptions about security should be reconsidered, says Grand Idea Studio's Joe Grand.

View Full Article


Abstracts Copyright © 2010 Information Inc., Bethesda, Maryland, USA


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account