
Method for secure rollback of firmware using TPM NV Index

IP.com Disclosure Number: IPCOM000229947D
Publication Date: 2013-Aug-08
Document File: 3 page(s) / 34K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a secure way to roll back the firmware by using a policy stored in a Trusted Platform Module (TPM) Non-Volatile (NV) index. As part of TPM provisioning during manufacturing, this TPM NV index is defined such that its contents (the rollback policy) can only be changed by physically present users, thus preventing any type of remote rollback attack.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.


A rollback attack is defined as the process of updating to an older level of released code from the manufacturer and exploiting potential security vulnerabilities in that code. It is difficult to prevent such an attack, as the exploiter is using valid code from the manufacturer: all the security checks pass because the code was signed by the manufacturer.

The firmware rollback attack is a widely recognized industry problem and United States Government agencies are working with the National Institute of Standards and Technology (NIST) to publish a document (NIST SP800-147b draft) mandating that server manufacturers have methods in place to prevent unauthorized firmware rollbacks.

One of the solutions to address this issue is to completely prevent any rollback to older levels. However, this solution is not practical because customers would like to be able to go back to a previous level of code when some function is broken with the latest code, without waiting for the resolution of the issue. In addition, customers typically want to run the same level of code on all of their servers. If a newly procured server has the latest level of code, it is common practice to downgrade the code level to the same level as all the other servers.

One known technique is to use a policy stored in Non-Volatile Random Access Memory (NVRAM) or Complementary Metal Oxide Semiconductor (CMOS). However, this technique is susceptible to remote attacks.

The novel approach is a secure way to rollback the firmware by using a policy stored in the Trusted Platform Module (TPM) Non-Volatile (NV) index. As part of TPM provisioning during ma...
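The following is an added simulation, written for this page and not code from the disclosure (which describes no implementation), of the decision logic the approach implies: the updater accepts a manufacturer-signed image only if the rollback policy read from the TPM NV index permits it, and the policy itself can only be rewritten while physical presence is asserted. The class and field names, the integer version numbers, and the `pp_required_for_write` flag (standing in for an NV index write attribute that requires physical presence) are all assumptions made for the example. Setting that flag to `False` models the NVRAM/CMOS-stored policy mentioned above, whose contents a remote caller can change.

```python
"""Simulated TPM-NV-index rollback policy check (illustrative model, not a TPM API).

Assumptions made for this example: firmware versions are integers, the rollback
policy is a small record, and the NV index is modelled as a Python object whose
write path enforces a physical-presence requirement.
"""
from dataclasses import dataclass, field


@dataclass
class RollbackPolicy:
    allow_rollback: bool = False   # may an older signed image replace the current one?
    min_version: int = 0           # lowest version that may ever be installed


class PhysicalPresenceRequired(Exception):
    """Raised when a policy write is attempted without a physically present user."""


@dataclass
class SimulatedNVIndex:
    """Stand-in for a TPM NV index holding the rollback policy.

    pp_required_for_write=True models the index as provisioned in the disclosure;
    pp_required_for_write=False models a policy kept in NVRAM/CMOS, which any
    caller (including a remote one) can rewrite.
    """
    policy: RollbackPolicy = field(default_factory=RollbackPolicy)
    pp_required_for_write: bool = True

    def read(self) -> RollbackPolicy:
        # Reads are unrestricted; the updater only needs to consult the policy.
        return self.policy

    def write(self, new_policy: RollbackPolicy, physical_presence: bool) -> None:
        # The write attribute is what stops a remote attacker from loosening the policy.
        if self.pp_required_for_write and not physical_presence:
            raise PhysicalPresenceRequired("policy change requires a physically present user")
        self.policy = new_policy


@dataclass
class FirmwareImage:
    version: int
    manufacturer_signed: bool   # result of the signature check (constructed input)


def update_allowed(current_version: int, image: FirmwareImage,
                   nv_index: SimulatedNVIndex) -> tuple[bool, str]:
    """Decide whether `image` may replace the running firmware.

    The signature check alone cannot stop a rollback, because the old image is
    genuinely manufacturer-signed; the NV-index policy is the extra gate.
    Returns (allowed, reason).
    """
    if not image.manufacturer_signed:
        return False, "signature check failed"
    policy = nv_index.read()
    if image.version < policy.min_version:
        return False, f"version {image.version} is below policy minimum {policy.min_version}"
    if image.version < current_version and not policy.allow_rollback:
        return False, "rollback not permitted by TPM NV policy"
    return True, "ok"


def remote_policy_change_succeeds(nv_index: SimulatedNVIndex) -> bool:
    """Model a remote attempt to enable rollback (no physical presence).

    Returns True if the policy was changed, False if the NV index refused.
    """
    try:
        nv_index.write(RollbackPolicy(allow_rollback=True), physical_presence=False)
        return True
    except PhysicalPresenceRequired:
        return False


if __name__ == "__main__":
    tpm_nv = SimulatedNVIndex()                              # TPM-backed policy
    cmos = SimulatedNVIndex(pp_required_for_write=False)     # NVRAM/CMOS-style policy
    old_image = FirmwareImage(version=9, manufacturer_signed=True)
    print("TPM NV: remote policy change succeeded?", remote_policy_change_succeeds(tpm_nv))
    print("CMOS  : remote policy change succeeded?", remote_policy_change_succeeds(cmos))
    print("TPM NV: install v9 over v10 ->", update_allowed(10, old_image, tpm_nv))
    tpm_nv.write(RollbackPolicy(allow_rollback=True, min_version=5), physical_presence=True)
    print("after on-site policy change ->", update_allowed(10, old_image, tpm_nv))
```

The contrast the model makes visible is that both policy stores accept the same policy format; only the TPM-backed one refuses the remote write, so a rollback can still be performed deliberately by an operator at the machine while the remote path stays closed.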