Microsoft pluton security co-processor will address some TPM flaws
The Pluton security co-processor is built in collaboration with AMD, Intel and Qualcomm, and will be used to protect credentials, user identities, encryption keys, and personal data.
Although it was announced yesterday for Windows 10 PC, Pluton has been used since 2013 to protect Xbox One.
Microsoft reported in a press release that Pluton addresses the communication vulnerability between the processor and the Trusted Platform Module (TPM), a discrete chip used in authentication features such as Windows Hello and BitLocker.
Because of its critical role, attackers have begun to explore its vulnerabilities to control the host system, particularly by interrupting its communication with the processor when they are in transition.
Previously, it has been demonstrated that an attacker can remove BitLocker keys stored within TPM using a cheap FPGA board and publicly available code.
The purpose of pluton is to solve this issue by directly embedding it into the processor.
It will simulate a TPM that works with existing TPM specifications and APIs to reduce the complexities of integration.
Microsoft claims that any information it stores cannot be removed from the pluton, even if the attacker has full physical access to the PC. Sensitive data such as encryption keys are stored in the pluton itself and are separated from other components.
This makes it strict against emerging techniques such as speculative execution.
In addition, by adding Secure Hardware Cryptography Key (SHACK) to the pluton, the security key is contained only in the protected hardware.
Even the pluton firmware does not have access to them. In addition, Pluton will provide a more secure way to update firmware that provides a platform that is managed and maintained by Microsoft.
This is another improvement for Microsoft's secure-initiative, a project aimed at defending against firmware attacks that is becoming increasingly prevalent.
In a blog post, Microsoft stated that firmware has become an attractive target for attackers as they have higher privileges.
Attacks against firmware can be circumvented by traditional security measures such as secure boot implemented by the operating system.
One of the safe-core's countermeasures against firmware attack is the Windows Defender System Guard which establishes a dynamic root of trust.
In an email to IT World Canada, Microsoft stated that Pluton is a complement to Secured-core, but a system can be on its own with Pluton or Secured-core.
Pluton will help increase overall system security by building on existing TPM protection.
Pluton will work closely with embedded security systems in today's processors, such as the AMD Security Processor (ASP), an ARM-based security subsystem built into almost all modern AMD processors. AMD described its different roles in its news release: "Pluton helps provide security to Windows PC systems by acting as a unified hardware root of trust for the Windows ecosystem, while ASP Trust's Silicon Hardware Acts as a root which helps to provide integrity by authenticating the initial firmware. Loaded on platforms. "Intel, AMD and Qualcomm have not yet revealed when Pluton will arrive in their products, but are expected to meet them soon.
No comments