Intel's current implementation of trusted computing has vulnerabilities in two separate components, allowing it to be circumvented, two security researchers claimed Tuesday.
The technology, known as Intel's Trusted Execution Technology (TXT), comprises a set of extensions to the processor's instruction set as well as additional hardware, such as the Trusted Computing Module (TPM), a central component of the Trusted Computing Group's vision of cryptographically secured hardware. The two researchers, Rafal Wojtczuk and Joanna Rutkowska of Invisible Things Lab, claimed to have found flaws in specific Intel system software (corrected) and a design issue that, together, would allow an attacker to "compromise the integrity" of any software loaded by the TXT boot loader, the duo stated on Tuesday.
Because Intel's Trusted Execution Technology is not widely deployed, the company has time to fix the issue, Rutkowska said.
"This doesn't affect normal users today," Rutkowska said in an e-mail sent to SecurityFocus. "TXT is a new upcoming security technology, almost not used today. Our research should be of most interest to system developers, who might be thinking about implementing TXT to secure their products, processor/chipset/OEM vendors, (and) some government agencies."
Computer makers are increasingly adopting hardware encryption to help secure desktop and laptop computers as well as mobile devices from malicious attacks and data breaches. In 2004, Intel announced it would create security hardware, known as LaGrande, to lock down certain devices. Microsoft announced similar efforts, dubbed the Next Generation Secure Computing Base, to prevent the copying of sensitive data and prevent malicious attacks. Both technology visions became part of the security platform proposed by the Trusted Computing Group, of which both Microsoft and Intel are members. Intel renamed LaGrande as the Trusted Execution Technology (TXT).
The researchers had contacted Intel last November with some details of their research and followed up with more information in December. They plan to release their research at the Black Hat Security Briefings next month.
Intel confirmed that it had been contacted by the two researchers, but could not confirm the details of the attack. The company planned to have members of its security team attending the presentation, a spokesperson said.
"We are not yet talking about what the particular fix would be for this," the Intel representative said. "We are working with (the researchers) to establish the extent of the problem."
CORRECTION: The original article identified an incorrect piece of software as the origin of the flaws found by the researchers. The vulnerabilities are allegedly present in system software developed by Intel.
If you have tips or insights on this topic, please contact SecurityFocus.
Posted by: Robert Lemos