I Don't Want to Sleep Tonight: Subverting Intel TXT with S3 Sleep

Presented at Black Hat Asia 2018, March 22, 2018, 10:15 a.m. (60 minutes)

The power consumption of PCs, laptops, and servers matters because it determines cost and battery running time. PC, laptop, and server environments that support the Advanced Configuration and Power Interface (ACPI) provide six sleeping states (S0-S5) that reduce power consumption according to the operating status. As the sleeping state number increases, the CPU, devices, and RAM are shut down.

When the system shuts down these components, it can dramatically reduce power consumption. The disadvantage is that the system must reinitialize the components when it wakes up. Reinitialization takes time and causes temporary shutdowns of security devices. UEFI firmware uses the S3 bootscript to reduce this time and to reactivate the security devices as soon as possible. Unfortunately, these mechanisms increase the attack surface.

In this talk, we present how we neutralize Intel TXT (Trusted eXecution Environment) using the S3 sleeping state. Intel TXT is a hardware-based mechanism that supports dynamic root of trust measurement (DRTM) and validates platform trustworthiness during boot and launch. Intel TXT works with the Trusted Platform Module (TPM) and extends the hashes of software into platform configuration registers (PCRs). The DRTM PCR values of the TPM are set first by Intel TXT, and it is difficult to reset them to specific values. To show that Intel TXT can be neutralized, we targeted tBoot, a reference implementation of Intel TXT technology. tBoot is an open source project that protects the VMM (Virtual Machine Monitor) and OS. We found some flaws in tBoot and confirmed that we could neutralize Intel TXT by resetting the PCRs to specific values using the tBoot flaws and S3 sleep. These attacks have never been published before, and we will share our research results.


Presenters:

  • Seunghun Han - Senior Security Researcher, National Security Research Institute of South Korea
    Seunghun Han is a hypervisor and operating system security researcher at the National Security Research Institute of South Korea and before that was a firmware engineer at Samsung Electronics. He is an expert in hypervisors and has his own hypervisor, Shadow-Box. He also has several CVEs in the Linux kernel and BIOS/UEFI firmware, and he has contributed patches to various system and security software. He was a speaker at Black Hat Asia and HITBSecConf. He authored the following works: "64-bit multi-core OS principles and structure", volume 1 (ISBN-13: 978-8979148367) and volume 2 (ISBN-13: 978-8979148374).
  • Jun-Hyeok Park - Security Researcher, National Security Research Institute of South Korea
    Jun-Hyeok Park is a researcher at the Attached Institute of Electronics and Technologies Research Institute whose primary concern is scientific research on system and network security. He is currently working on developing a secure cloud access platform. He received an M.S. degree in electrical and computer engineering from Ajou University, Suwon, Korea.