Data centers play a crucial role in business operations across the globe, but they remain prime targets for cybercriminals. Should an interposer position themselves between the Central Processing Unit (CPU) and a hardware Root of Trust, such as the Trusted Platform Module (TPM), within a data center, they can cause significant damage by gaining possession of legitimate control signaling between the CPU and the TPM. Interposers can even inject their own boot code into the CPU and wield an authorization key to fool a remote verifier by making the TPM attest to the integrity of fraudulent information. This allows them to snoop on, suppress and modify vital signals and measurements and, as a result, to access and exploit secrets and information from within the data center, weaponizing them against the operator.
To this end, the Data Center Work Group at TCG has been formed to establish trust in the systems and components within a data center, focusing primarily on developing protective measures against any active interposers within a system. The Work Group will examine the existing attack enumerations against data centers and devise ways to avoid or mitigate them. These attacks include the feeding of compromised boot code to the CPU, impersonation of the CPU to the TPM, the suppression and injection of false measurements to a legitimate TPM, and the redirection of legitimate measurements to an attacker-controlled TPM.
Dennis Mattoon and Jeff Andersen have been confirmed as the Co-Chairs of the Work Group. Mattoon is a Principal Software Development Engineer for Microsoft Research, and Co-Chairs the Attestation, Supply Chain Security, DICE, and Marketing Work Groups at TCG. Andersen is a Staff Software Engineer at Google and became a member of the TCG in 2021.
“We’re delighted to publicly announce the formation of the new Work Group”, said Co-Chair Jeff Andersen. “Current data center hardware designs make it difficult for CPUs to be permanently bonded with the TPM, creating a gap for malicious entities to exploit. Our goal is to overcome the interposers operating within this area and mitigate the significant threats they can bring to data centers”.
The Work Group will also look at protecting the data center against hackers looking to clear platform configuration registers (PCRs) in the legitimate TPM by falsely asserting that the CPU has reset. As a result, operators will be able to trust that the components and hardware found within the system are operating successfully, without the fear that they may be weaponized by an attacker.
More to explore
For more information about the Data Center Work Group, please visit the Trusted Computing Group website. https://trustedcomputinggroup.org/