Security Analysis and Improvement of the TNC IF-T Protocol Binding for Tunneled EAP Methods

Abstract

The TNC IF-T Protocol Binding for Tunneled EAP Methods (TIPBTEM) is specified by Trusted Computing Group (TCG) for TNC assessment (i.e., PlatformAuthentication) exchanges. Because the TIPBTEM includes Platform-Authentication in addition to the usual user authentication, it differs greatly from the traditional security protocols in terms of security requirements. To analyze the security of the TIPBTEM correctly, the extended strand space model (SSM) for trusted network access protocols is applied in this paper. And it is pointed out that the TIPBTEM cannot prevent manin-the-middle (MITM) attacks in some cases. To eliminate MITM attacks, the unsecure cases of the TIPBTEM are improved based on cryptographic binding. And then it is showed that these improved TIPBTEM cases can resist MITM attacks in the extended SSM.