Napper: a bootable USB device based on Linux, with a custom kernel and vulnerability-checking software, to check for TPM vulnerabilities

Finally, I Can Sleep Tonight: Catching Sleep Mode Vulnerabilities of the TPM with the Napper
Seunghun Han | Senior Security Researcher, National Security Research Institute of South Korea
Jun-Hyeok Park | Senior Security Researcher, National Security Research Institute of South Korea

[…]In this talk, we present two vulnerabilities, CVE-2017-16837 and CVE-2018-6622. The vulnerabilities we found can subvert the TPM with Advanced Configuration and Power Interface (ACPI). ACPI in PCs, laptops, and servers provides six sleeping states (S0-S5) for reducing power consumption. When the system enters the sleeping state, CPU, device, and RAM are powered off. Since the system powers the components off, including security devices, the system should reinitialize them while waking up, and this could be the attack surface. We found vulnerabilities on this attack surface without physical access. To mitigate the vulnerabilities, we also present countermeasures and a new tool, “Napper,” to check the vulnerabilities of the TPM. Napper is a bootable USB device based on Linux, and it has a custom kernel and vulnerability-checking software. When you boot a system with the Napper, it makes your system take a nap to check the vulnerabilities and to report the result to you.

https://www.blackhat.com/asia-19/briefings/schedule/index.html#finally-i-can-sleep-tonight-catching-sleep-mode-vulnerabilities-of-the-tpm-with-the-napper-13588

See-Also:

https://www.blackhat.com/asia-18/briefings.html#i-dont-want-to-sleep-tonight-subverting-intel-txt-with-s3-sleep

https://www.usenix.org/conference/usenixsecurity18/presentation/han
