In early October of 2017, researchers announced, publicly, a cryptographic vulnerability in the RSA generation algorithms found within practically every TPM, using Infineon's RSA library. This vulnerability would effectively allow an attacker to easily guess the private key component of the RSA key stored within the TPM - rendering the protections and insurances granted by the TPM useless. Turns out, many TPM's actually use Infineon's technologies, meaning many TPM's are vulnerability - including all Asus and Gigabyte TPM's (that I know of).
tl;dr - TPM broke, I sad, TPM need fix.
SuperMicro AOM-TPM-9665V (Vertical) Trusted Platform Module with Infineon 9665, TPM 2.0, uses TCG 2.0. Specifications: Physical Dimensions (W x L x H): Vertical Design / 8mm x 26mm x 25mm Supported Platforms: X10 motherboards with 20-pin TPM header. 'TPM 1.2/2.0 (Infineon, soldered down); ' I have not found any TPM upgrade to version 2.0 anywhere.' He has advised that I ' investigate whether HP EliteBook Folio 1040 G2 Notebook PC has TPM upgrade to ver. Check the firmware version. Follow these steps to check the currently installed firmware version of the TPM: Hold down the Windows key and press the R key. The 'Run' dialogue box will open up. In the 'Run' dialog box, enter 'tpm.msc' and select 'OK'. Check if the Manufacturer Name is 'IFX' and Manufacturer Version is '4.31' or '4.32'. TPM chip Infineon SLB9656 TPM1.2 This chip doesn't support update to TPM ver. Detailed description of TPM is in this thread: HP TPM Configuration Utility - Updating TPM Firmware and Converting Between TPM HPSBHF03568 rev. 7 - Infineon TPM Security Update Last updated: 21-May-2018 Advisory. The Infineon TPM 2.0 Application Note shows how the TPM device driver can be set up (e.g. For Linux Kernel 4.14). Usage of ELTT2 2.1 Generic Usage. ELTT2 is operated as follows: Call:./eltt2 For example:./eltt2 -g or./eltt2 -gc. For getting an overview of the possible commands, run./eltt2 -h.
Since the point of TPM's is to perform key protection inside hardware, a software fix is impossible. This is so difficult to mitigate that Window's just resorts to emitting a warning in the Event Logs like the one below:
Now, 6 months later and over a year since Infineon was notified of this issue, Asus and Gigabyte have yet to release updates for their TPM's. Although, I'm not particularly surprised considering most consumers would likely brick their machine's when trying to update (or not need to update to begin with). Thankfully, many enterprise-centered company's use these Infineon based TPM's, meaning we, the consumers, can piggyback off of enterprise clients shouting for a fix.
In this case, it turns out that the Asus and Gigabyte TPM's are effectively the same one's found in some Supermicro servers, and of course, Supermicro had to release firmware updates - updates that we can use.
Getting Started
Before I get started, I want to make sure the TPM is working in my device. I can ask Window's about it via the Get-TPM
command.
Getting the Firmware
Everything looks good! Now to get the firmware. I found a compatible version on Supermicro's driver site (Driver FTP).
Looking through the files extracted files, there are two directories:
The important files are these:
I'm going to copy the above to the same folder, because I'm lazy.
Now .workspace
contains the following files:
Now to upgrading the firmware!
Upgrading the Firmware
Let's make sure TPMFactoryUpd.exe
detects the TPM.
And it does, sweet! Now to run the upgrade.
Sad panda, it turns out we need to disable the TPM module in the BIOS/UEFI before we can flash the firmware update. Time to connect my Spider KVM and boot into the UEFI menu. BTW, Spiders are awesome, but don't pay full price!
Now to disable the TPM.
After booting back into Windows, it looks like disabling the TPM fixes the Empty Buffer
problem:
Now I can try to update the TPM again.
And it works!
Wrapping Things Up
A disabled TPM is rather useless, time to boot back into the UEFI menus to enable it.
And since this vulnerability is for RSA key generation, it's best to reset all generated keys. I used a TPM clear to do this, plus a reboot.
After getting back into Windows, I'm greeted with a lovely success message.
And as a final check, it looks like the ManufacturerVersion
was updated to 5.62
.
Infineon Tpm Slb 9665 Tpm2.0
Yeah, no more weak keys!
Infineon TPM Vulnerability
The information below includes a description of the vulnerability and details the steps recommended by Infineon and Fujitsu that users should take to secure affected product lines.
Summary:
A vulnerability in Infineon TPM hardware has been discovered recently with outdated TPM firmware using an algorithm that generates weaker RSA keys. This page provides information on how to update outdated TPM firmware.
For more detailed information please refer to the Infineon web site.
emptyMicrosoft has published additional information relating to operating systems. For detailed information please refer to the Microsoft web site.
Recommended steps:
- To download the respective updates for your system, please go to the Fujitsu Support page and perform the following steps:
- Select Product.
- Select Series.
- Select Model.
- Press Go.
- Download and install the latest BIOS and/or firmware update package.
Infineon Tpm
Affected Products:
A number of Fujitsu products are affected by these vulnerabilities. Fujitsu is working to distribute patches for all affected products that are currently supported. Older systems that are no longer supported will not be patched.
Fujitsu is providing an easy to use Windows-based tool for end customers to identify whether a TPM is installed in their system. If the tool finds a TPM in the system, then it will show the relevant TPM and firmware version. This tool can be found here: TPM Information Tool
Please note: for some affected products, TPM was sold as an optional component. This means that not all systems are affected by this issue.
An overview of the affected Client Computing Devices can be found here:
Infineon Tpm
Model Name | Original FW Version | Updated FW Version | Minimum BIOS Ver | Update Type | Update Tool1 |
LIFEBOOK E544 LIFEBOOK E554 | FW4.32 | FW4.34 | No Dependency | FW Update Utility | FPC48-2383-01 Infineon TPM1.2 Firmware Update V4.34 |
LIFEBOOK E546 LIFEBOOK E556 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
LIFEBOOK E546 LIFEBOOK E556 | FW5.51 | FW5.62 | vPro V1.18 non-vPro V1.25 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
LIFEBOOK E547 LIFEBOOK E557 | FW5.61 | FW5.62 | vPro V1.13 non-vPro V1.09 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
LIFEBOOK E734 LIFEBOOK E744 LIFEBOOK E754 | FW4.32 | FW4.34 | No Dependency | FW Update Utility | FPC48-2383-01 Infineon TPM1.2 Firmware Update V4.34 |
LIFEBOOK E736 LIFEBOOK E746 LIFEBOOK E756 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
LIFEBOOK E736 LIFEBOOK E746 LIFEBOOK E756 | FW5.51 | FW5.62 | vPro V1.21 non-vPro V1.27 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
LIFEBOOK P727 | FW5.61 | FW5.62 | V1.12 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
LIFEBOOK T725 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
LIFEBOOK T726 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
LIFEBOOK T726 | FW5.51 | FW5.62 | V1.15 | BIOS update and FW Tool2 | FPC48-2381-01 Infineon TPM2.0 Firmware Update Tool V1.0.0 |
LIFEBOOK T734 | FW4.32 | FW4.34 | No Dependency | FW Update Utility | FPC48-2383-01 Infineon TPM1.2 Firmware Update V4.34 |
LIFEBOOK T904 | FW4.32 | FW4.34 | No Dependency | FW Update Utility | FPC48-2383-01 Infineon TPM1.2 Firmware Update V4.34 |
LIFEBOOK T935 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
LIFEBOOK T936 | FW5.51 | FW5.62 | V1.14 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
LIFEBOOK T936 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
LIFEBOOK T937 | FW5.61 | FW5.62 | V1.13 | BIOS update and FW Tool2 | FPC48-2381-01 Infineon TPM2.0 Firmware Update Tool V1.0.0 |
LIFEBOOK U727 | FW5.61 | FW5.62 | V1.18 | BIOS update and FW Tool2 | FPC48-2381-01 Infineon TPM2.0 Firmware Update Tool V1.0.0 |
LIFEBOOK U727 6th Gen | FW5.61 | FW5.62 | V1.06 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
LIFEBOOK U745 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
LIFEBOOK U745 | FW5.51 | FW5.62 | V1.20 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
LIFEBOOK U747 LIFEBOOK U757 | FW5.61 | FW5.62 | V1.18 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
LIFEBOOK U747 6th Gen LIFEBOOK U757 6th Gen | FW5.61 | FW5.62 | V1.06 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
LIFEBOOK U904 | FW4.32 | FW4.34 | No Dependency | FW Update Utility | FPC48-2383-01 Infineon TPM1.2 Firmware Update V4.34 |
LIFEBOOK U937 | FW5.61 | FW5.62 | V1.10 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
STYLISTIC Q616 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
STYLISTIC Q616 | FW5.51 | FW5.62 | V1.12 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
STYLISTIC Q665 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
STYLISTIC Q704 | FW4.32 | FW4.34 | No Dependency | FW Update Utility | FPC48-2383-01 Infineon TPM1.2 Firmware Update V4.34 |
STYLISTIC Q736 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
STYLISTIC Q736 | FW5.51 | FW5.62 | V1.15 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
STYLISTIC Q737 | FW5.61 | FW5.62 | V1.11 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
STYLISTIC Q775 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
STYLISTIC R726 | FW4.40 | FW4.43 | No Dependency | FW Update Utility | FPC48-2382-01 Infineon TPM1.2 Firmware Update V4.43.257.0 |
STYLISTIC R726 | FW5.61 | FW5.62 | vPro V1.18 non-vPro V1.18 | BIOS update and FW Tool2 | FPC48-2381-01_Infineon_TPM2.0_Firmware_Update_Tool_V1.0.0 |
1. Please see FAI Mobile Downloads site for postings. 2. The FW Tool must be used with BIOS update, although the BIOS update can be applied separately. |
WARNING:
Clearing the TPM resets it to factory defaults. All created keys will be deleted and you will therefore lose access to any data encrypted by those keys. For more detailed information regarding TPM Clear please refer also to the following Microsoft site.
Infineon Tpm Professional Package Remove
* Please note that this information is subject to change without any prior notice.