Browse Prior Art Database

Method to detect and take action against physical theft or alteration of Core Root of Trust Measurement (CRTM)

IP.com Disclosure Number: IPCOM000169625D
Original Publication Date: 2008-Apr-24
Included in the Prior Art Database: 2008-Apr-24
Document File: 2 page(s) / 28K

Publishing Venue

IBM

Abstract

Trusted Computing Group specification outlines how a system should provide CRTM (Core Root of Trust Measurement) code in BIOS which uses TPM (Trusted Platform Module) chip to make the system secure against any software attacks. The specification does not cover how a system could avert any physical threats to the CRTM which is the heart of security against software attacks. This article describes a unique solution to this problem by checking for any physical attacks against the CRTM using proprietary code resident in system FPGA (Field Programmable Gate Array) Module.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 84% of the total text.

Page 1 of 2

Method to detect and take action against physical theft or alteration of Core Root of Trust Measurement (CRTM)

Described is an idea is to add another level of protection where the FPGA verifies whether the CRTM code is trustworthy before the CRTM code is allowed to hand off control to rest of the BIOS code for boot to progress. Description of how the idea works is shown in the figure.

1st Code fetch at reset

Port 0x80 and FPGA check point register write of 0xC0

If new CRTM flash update and new code is signed properly then send new hash data to FPGA

CRTM measures Self and passes 20 byte hash value to FPGA

FPGA compares against value he has from last CRTM flash update

Hold system in reset with a unique checkpoint to indicate CRTM compromised

No

Yes

Compares Good?

Monitor checkpoint sequence and if sequence good let system boot other hold system in reset

     System FPGA has a 20 byte hash value for current valid CRTM code which is passed onto FPGA whenever CRTM code is flashed. FPGA stores this expected 20 byte hash value in a register that software running on host CPU has write only access to. FPGA uses this register value to match against hash value provided to it every boot by the runtime CRTM code to confirm CRTM code is good.

     At the first checkpoint FPGA expects the CRTM code to run the SHA1 measuring algorithm on itself and send 20 byte hash value via the register interface described

1

Page 2 of 2

above. FPGA verifies if it...