LPC Bus Sniffing Attack against Microsoft BitLocker in TPM-only Mode

In this SySS (www.syss.de/) proof-of-concept video, a sniffing attack against the Low Pin Count (LPC) bus communication of a trusted platform module (TPM) is demonstrated using the developed iCEstick LPC TPM Sniffer for the Lattice iCEstick Evaluation Kit [1].
This attack can be used to extract cryptographic keys (so-called Volume Master Keys [VMK]) used by the Microsoft BitLocker full-disk encryption when configured in TPM-only mode. Having access to the VMK enables an attacker to gain read and write access to the cleartext data of an encrypted BitLocker partition.
Hector Martin mentioned this attack last year on Twitter [2], and a few weeks later Denis Andzakovic published a blog article with the title "Extracting BitLocker Keys from a TPM" [3] where he described his approach in reproducing this LPC bus sniffing attack.
Our used iCEstick LPC TPM Sniffer [4] is a slightly modified and refactored version of the LPC Sniffer [5] by Alexander Couzens with TPM-specific modifications by Denis Andzakovic [6] which can be used to perform this kind of attack more easily.
In this demo video, a current Windows 10 system with Microsoft BitLocker in TPM-only mode and an ASUS TPM-M R2.0 [7] using an Infineon SLB 9665 TT 2.0 [8] chip is attacked.
The intention for this proof-of-concept video was to raise awareness for this possible LPC bus sniffing attack concerning the BitLocker TPM-only mode.
We do not recommend using BitLocker in TPM-only mode but with a pre-boot authentication (PBA) requiring one or more authentication factor (also see Microsoft's BitLocker recommendations [9]).
[1] Lattice iCEstick Evaluation Kit
www.latticesemi.com/icestick
[2] Tweet regarding LPC bus sniffing attack against BitLocker TPM-only mode, Hector Martin, 2019
/ 1080869868889501696
[3] Extracting BitLocker Keys from a TPM, Denis Andzakovic, 2019
pulsesecurity.co.nz/articles/...
[4] SySS iCEstick LPC TPM Sniffer, Matthias Deeg, SySS GmbH, 2020
github.com/SySS-Research/ices...
[5] LPC Sniffer, Alexander Couzens, 2017
github.com/lynxis/lpc_sniffer/
[6] LPC Sniffer TPM, Denis Andzakovic, 2019
github.com/denandz/lpc_sniffe...
[7] ASUS TPM-M R2.0
www.asus.com/Motherboard-Acce...
[8] Infineon SLB 9665 TT 2.0 TPM
www.infineon.com/cms/en/produ...
[9] BitLocker Countermeasures, Microsoft, 2019
docs.microsoft.com/en-us/wind...
#BitLocker #TPM #iCEstick

Пікірлер: 17

  • @Alextherock9
    @Alextherock93 ай бұрын

    Great skills you have. You can make a lot of money if you offer this service.

  • @MischuWeingart
    @MischuWeingart4 жыл бұрын

    Guten Abend. Können Sie mir vielleicht einen Tipp geben, wie ich die Kabel vom ICEStick an den TPM anbringen kann. Was haben Sie da für Verbindungskabel genommen oder welche würden Sie empfehlen und muss dies beim Chip angelötet werden? Ich komme aus dem Informatik-Bereich und kenne mich mit Elektronik nicht sehr gut aus. Besten Dank und freundliche Grüsse

  • @tiltedtones
    @tiltedtones4 ай бұрын

    Thank you so much for this video. I've been able to replicate this almost up until completion. Except at the end once all is prepped and ready to go, when I launch the lpc_tpm_sniffer.py, I get "Unable to to connect to FTDI serial interface". Using most recent version of Ubuntu, and have removed the default ubuntu usb drivers, and install the d2XX drivers. Does the Ice Stick have to be in d2xx mode on both side A and B? Is there additional config not covered in the original thread? Any help is appreciated! Thank you!

  • @s1lky1337
    @s1lky13374 жыл бұрын

    Das ist schon ziemlich cool, ich hab noch nie gesehen dass das jemand vorher gemacht hat. Gilt das als 0-day oder ist das eine gängige Methode? 😁

  • @SySSPentestTV

    @SySSPentestTV

    4 жыл бұрын

    Diese Schwachstelle ist schon länger bekannt und daher kein 0-day (siehe Referenzen in der Videobeschreibung).

  • @TheSgfronz
    @TheSgfronz3 ай бұрын

    Would this method work on a USB thumb drive that has been bitlocked?

  • @PlastickdaN
    @PlastickdaN11 ай бұрын

    What cables/fly leads are you using to connect the J1 on the iCEstick to the TPM chip?

  • @SySSPentestTV

    @SySSPentestTV

    10 ай бұрын

    Some jumper wires and a simple custom-made breakout board are used. You can find more information in our GitHub repository for the "iCEstick LPC TPM Sniffer" ( github.com/SySS-Research/icestick-lpc-tpm-sniffer ).

  • @JeanAventura
    @JeanAventura2 жыл бұрын

    Hello my friend do you know if it is possible to perform this on a dead Dell XPS 15 motherboard?

  • @PiotrK2022

    @PiotrK2022

    Жыл бұрын

    Yes, you can fix it and then crack...

  • @robertolatella8265
    @robertolatella826511 ай бұрын

    could you show a diagram with the pinouts of the icestick?

  • @SySSPentestTV

    @SySSPentestTV

    10 ай бұрын

    You can find the pinout in our GitHub repository for the "iCEstick LPC TPM Sniffer" ( github.com/SySS-Research/icestick-lpc-tpm-sniffer ).

  • @chaminda512
    @chaminda5123 жыл бұрын

    What about the TPM 2.0 which integrated directly in to CPU

  • @SySSPentestTV

    @SySSPentestTV

    3 жыл бұрын

    We are currently not aware of sniffing attacks against fTPMs.

  • @gianfrancobriones

    @gianfrancobriones

    8 ай бұрын

    someone successfully sniffed an AMD fTPM in May 2023. kindly Google the sniffers 👃

  • @gianfrancobriones
    @gianfrancobriones8 ай бұрын

    DPM - Doubting Platform Module