SHA-1 Uses in TPM v1.2

White Paper

This document catalogs the usages of SHA-1 in the TPM v1.2 specifications and assesses the impact of the collision attacks discovered in 2005 against them. In general the TCG took several precautions to guard against collision attacks, such as concatenating fresh randomly generated values or randomly generated values unknown to the outside to the data before hashing.

Also, the use of fixed structures in the data impedes the ability of an attacker to manipulate the data to effectively carry out a collision attack.

We did find one corner case in which the RSA signature command may hash the input before signing. In this case the TCG inadvertently chose a value outside of the TPMÍs control to concatenate to the data before signing. Had they been consistent in choosing a fresh randomly generated value, there would be no problem here. Otherwise, the TPM uses SHA-1 in a manner that protects the TPM and its responses from the SHA-1 collision attacks.

Newsletter Signup

Stay current with Trusted Computing Group (TCG) activities, including recent case studies, press releases, industry news and upcoming events via the TCG Newsletter!

By submitting this form, you are consenting to receive marketing emails from: . You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

SHA-1 Uses in TPM v1.2

Latest Version

FAQ

Newsletter Signup

Contact Us

Subscribe to our newsletter