Hasty Briefs (beta)

TPM on Embedded Systems: Pitfalls and Caveats to Watch Out For

4 months ago
  • #Cryptography
  • #Embedded Security
  • #TPM

  • Trusted Platform Module (TPM) chips have been in use for over 20 years; TPM 2.0 was released in 2014.
  • TPMs are standard in PCs and are now being adopted in embedded Linux products, driven by legal requirements such as the EU's Cyber Resilience Act (CRA).
  • TPMs can be dedicated chips or firmware-based (fTPM), emulated in a secure environment such as UEFI firmware or Arm TrustZone.
  • Common TPM use cases include cryptographic operations for network protocols (TLS) and storage encryption (LUKS/dm-crypt, BitLocker).
  • TPM keys can be sealed to PCR values, so they are usable only when the platform's measured state matches specific integrity conditions.
  • Embedded devices differ from PCs in their boot processes, threat models, and longer lifecycles (10+ years).
  • Physical attacks on embedded devices include bus snooping, man-in-the-middle (MitM) attacks on the TPM bus, and TPM resets to bypass PCR checks.
  • Linux kernel 6.10 introduces mechanisms to detect TPM interposer attacks by exploiting the volatility of the NULL seed, which changes on every TPM reset.
  • fTPMs eliminate the physical bus attack surface but are exposed to side-channel attacks and flaws in the TEE itself.
  • TPMs cannot mitigate all threats; additional measures like SELinux, AppArmor, and secure boot chains are essential.
  • TPM firmware updates are critical, as vulnerabilities like TPM-FAIL (CVE-2019-16863) have shown.
  • Cold boot attacks can leak secrets from main memory after the TPM has unsealed them, so additional mitigations are required.
  • TPMs are slow; offloading heavy cryptography to them is impractical, but they can protect long-term keys.
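The sealing, reset-bypass and reset-detection points above fit together in a small model. The following is an added example, not code from the summarized article: a toy TPM with a SHA-256 PCR bank that is extended the way a real TPM does it (PCR_new = H(PCR_old || H(event))), a PolicyPCR-style digest that binds a sealed secret to the selected PCRs, and a NULL-seed-derived key name that a kernel can record at boot. The boot components, the PCR-selection encoding and the null-key-name derivation are simplified constructions for illustration; the TPM_CC_PolicyPCR command code is the one from the TPM 2.0 specification.

```python
import hashlib
import secrets

# Command code of TPM2_PolicyPCR (TPM 2.0 Library, Part 2, TPM_CC constants).
TPM_CC_POLICYPCR = 0x0000017F

# Constructed boot log for the example; real events would be firmware/kernel hashes.
GOOD_BOOT = [b"bootrom v1", b"u-boot 2024.01", b"zImage 6.10", b"initramfs"]
TAMPERED_BOOT = [b"bootrom v1", b"u-boot 2024.01", b"zImage modified", b"initramfs"]


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


class ToyTpm:
    """Minimal stand-in for a TPM: 24 SHA-256 PCRs plus a NULL hierarchy seed."""

    def __init__(self) -> None:
        self.reset()

    def reset(self) -> None:
        # TPM Reset / Startup(CLEAR): PCRs return to their initial value and the
        # NULL seed is regenerated, so keys derived from it get new names.
        self.pcrs = {i: bytes(32) for i in range(24)}
        self.null_seed = secrets.token_bytes(32)

    def extend(self, index: int, event: bytes) -> None:
        # PCRs can only be extended, never written: PCR_new = H(PCR_old || H(event)).
        self.pcrs[index] = sha256(self.pcrs[index] + sha256(event))

    def pcr_digest(self, indices) -> bytes:
        # pcrDigest as used by TPM2_PolicyPCR: hash of the selected PCRs, concatenated.
        return sha256(b"".join(self.pcrs[i] for i in sorted(indices)))

    def null_key_name(self) -> bytes:
        # Simplified stand-in for the name of the NULL-hierarchy primary key; a real
        # name is a hash of the key's public area, which is derived from the seed.
        return sha256(b"null-primary" + self.null_seed)


def policy_pcr_digest(pcr_digest: bytes, indices) -> bytes:
    # policyDigest_new = H(policyDigest_old || TPM_CC_PolicyPCR || pcrs || pcrDigest),
    # starting from an all-zero digest. The PCR selection encoding is simplified here.
    selection = bytes(sorted(indices))
    return sha256(bytes(32) + TPM_CC_POLICYPCR.to_bytes(4, "big") + selection + pcr_digest)


def measured_boot(tpm: ToyTpm, components, pcr: int = 0) -> None:
    for component in components:
        tpm.extend(pcr, component)


def seal(tpm: ToyTpm, indices) -> bytes:
    """Bind a secret to the current PCR state; returns the policy the TPM enforces."""
    return policy_pcr_digest(tpm.pcr_digest(indices), indices)


def unseal_allowed(tpm: ToyTpm, indices, policy: bytes) -> bool:
    """The TPM releases the secret only if the current PCRs reproduce the policy."""
    return policy_pcr_digest(tpm.pcr_digest(indices), indices) == policy


def demo_good_boot() -> bool:
    """Normal reboot: the same boot components reproduce the PCRs, unsealing works."""
    tpm = ToyTpm()
    measured_boot(tpm, GOOD_BOOT)
    policy = seal(tpm, [0])
    tpm.reset()
    measured_boot(tpm, GOOD_BOOT)
    return unseal_allowed(tpm, [0], policy)


def demo_tampered_boot() -> bool:
    """A modified kernel changes PCR 0, so the policy no longer matches."""
    tpm = ToyTpm()
    measured_boot(tpm, GOOD_BOOT)
    policy = seal(tpm, [0])
    tpm.reset()
    measured_boot(tpm, TAMPERED_BOOT)
    return unseal_allowed(tpm, [0], policy)


def demo_reset_replay() -> tuple:
    """TPM-only reset with the host still running: PCR replay satisfies the policy,
    but the recorded NULL key name no longer matches, which is what a kernel-side
    check of the kind described for Linux 6.10 relies on."""
    tpm = ToyTpm()
    measured_boot(tpm, GOOD_BOOT)
    policy = seal(tpm, [0])
    recorded_name = tpm.null_key_name()  # kernel records this at its own boot
    tpm.reset()                          # only the TPM is reset, not the host
    measured_boot(tpm, GOOD_BOOT)        # known-good measurements replayed
    bypassed = unseal_allowed(tpm, [0], policy)
    detected = tpm.null_key_name() != recorded_name
    return bypassed, detected
```

The three scenarios show why sealing alone is not enough on a device whose TPM bus and reset line are physically reachable: the PCR-bound policy is satisfied by any party that can reproduce the measurement sequence, while the NULL seed changing across a reset gives the host a cheap way to notice that the TPM it is talking to is not the one it measured into earlier.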