From Vulnerability to Verification: Building a Tool to Remotely Test Windows Hello PIN Security on systems without TPM

From Vulnerability to Verification: Building a Tool to Remotely Test Windows Hello PIN Security on systems without TPM

연구 분야: Infrastructure

학회: PCI '24: Proceedings of the 28th Pan-Hellenic Conference on Progress in Computing and Informatics

In the fast-paced domain of cybersecurity, specifically regarding the area of Windows authentication frameworks, we introduce new research on vulnerabilities in the protection of Windows Hello PIN and Trusted Platform Module executions. Based on a modest but rich record of previously known information and specialized analysis, this instrument is a significant step towards comprehension and testing of Windows-related authentication security. The primary aims, consequently, are to develop a tool that detects the occurrence of TPM on devices in the network and gains the status of TPM or to extract and pre-hash Windows Hello PINs to forcefully test them, particularly in environments where the TPM is absent or disabled. This represents an important continued scholarly line of work in the pursuit of building upon existing literature and offering on-the-ground, real-world chances that have concrete threats to their security presumptions surrounding Windows Hello PIN and TPM. Furthermore, this paper intends to furnish a foundational basis for future work, such as considering threat actors' possible courses of action and optimizing protective cybersecurity abilities.