Provide a 7 pages analysis while answering the following question: Trusted Platform Module Vulnerabilities. Prepare this assignment according to the guidelines found in the APA Style Guide. An abstract is required. In A hijacker’s guide to communication interfaces of the trusted platform module, Winter & Dietriech (2013) use already provided information as a methodology to study TPM. They use publicly available open-source Linux kernel contributions information to analyze the existing TPM interface. To access the internal registers of the I2C TIS TPM, the authors use the IC device address and the TPM specific internal register address. However, the problem is that in the current world, there is no approved and publicly available TCG standard that can be used for TPMs with I2C. This is an aspect that limits the findings of this article (Winter & Dietriech, 2013).
Varadharajan & Tupakula (2014) employ the attacker model as the methodology to study the vulnerabilities of TPM. The model uses the TPM attestation between the tenant virtual machine Attestation Provider (AP) and the customer Attestation Requestor (AR) before performing the transactions. To make it workable in the process of attestation, all hardware and software aspects in the trusted platform are measured using hash values when booting and measurements are stored securely in the prevention of modification. However, the problem with this attestation technique is it has the possibility of reducing the trust in the property attestation process and cause a scenario where AR cannot ascertain AP truly satisfies the properties that are presented to it. This shows the vulnerability of TPM (Varadharajan & Tupakula, 2014)
Parno (2012) uses techniques from secure multiparty computation, a protocol for verifiable computing to provide computational integrity for work done by an untrusted party. The protocol provides asymptotically optimal performance and needs a one-time preprocessing stage. In the methodology, O(|C|) is time, where C is the smallest known Boolean circuit computing F.