Cybersecurity Pulse

LUKS Encryption Compromised on Linux ICS Devices via TPM Bus Sniffing Exploit

Cybersecurity, Hardware

GBHackers On Security, February 24, 2026

Why It Matters

The attack proves that TPM‑backed encryption alone cannot guarantee data confidentiality when bus traffic is unprotected, exposing critical infrastructure to simple hardware eavesdropping. It forces manufacturers and operators to adopt encrypted TPM sessions and stricter physical controls.

Key Takeaways

  • CVE‑2026‑0714 enables full LUKS key extraction via SPI sniffing.
  • Attack uses TPM2_NV_Read, not TPM2_Unseal.
  • Physical bus access reveals plaintext decryption key.
  • Moxa released advisory; firmware patches address vulnerability.
  • Enable encrypted TPM sessions to protect key material.

Pulse Analysis

Trusted Platform Modules (TPMs) are widely trusted to safeguard cryptographic keys, especially in industrial Linux environments where full‑disk encryption like LUKS protects sensitive data. However, the security model assumes that communication between the processor and the TPM is either protected or confined to trusted hardware. When a device such as Moxa’s UC‑1222A exposes the SPI bus without session encryption, the TPM becomes a conduit for leaking secrets, turning a hardware‑rooted trust anchor into an attack surface.

The exploit hinges on the TPM2_NV_Read command, which retrieves data from a non‑volatile index inside the TPM. Unlike the more commonly targeted TPM2_Unseal operation, NV_Read does not enforce a PCR‑bound policy that would bind the response to a specific system state. Researchers captured the raw SPI traffic during the boot sequence, identified the NV_Read request, and extracted the LUKS master key from the unencrypted response. By dumping the eMMC after the key was recovered, they proved that full disk decryption could be achieved without any software compromise, highlighting a gap in vendor‑specific initramfs implementations that bypass standard protection mechanisms.

For operators of critical infrastructure, the lesson is clear: physical security and cryptographic protocol design must go hand in hand. Mitigations include enabling encrypted TPM sessions as recommended by the Trusted Computing Group, applying vendor firmware patches, and employing tamper‑evident enclosures to restrict bus access. Additionally, continuous monitoring of SPI traffic during boot can detect anomalous reads. As industrial IoT deployments expand, ensuring that TPM communication is encrypted will be essential to preserving the confidentiality guarantees that LUKS and similar encryption schemes promise.
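The two points above, that TPM2_NV_Read returns the NV contents in the clear unless the command carries a session with the encrypt attribute, and that a monitor watching the bus during boot can flag such reads, can be checked mechanically from the TPM 2.0 command wire format. The following is an added illustration, not code from the article or from Moxa, and the two command blobs in it are constructed samples rather than captured traffic; the NV index handle 0x01800001 and the HMAC session handle 0x02000000 are placeholders. It parses the command header, the handle area and the authorization area of each command, and reports an NV_Read whose response will cross the bus in plaintext. The constants (tag values, command codes, TPMA_SESSION bits) are from the TCG TPM 2.0 Library specification.

```python
"""Decode TPM 2.0 command blobs and flag NV_Read commands whose response is
not protected by session (parameter) encryption.  Added example; the samples
below are constructed, not real bus captures."""
import struct
from dataclasses import dataclass
from typing import List, Tuple

TPM_ST_NO_SESSIONS = 0x8001
TPM_ST_SESSIONS = 0x8002
TPM_CC_NV_READ = 0x0000014E
TPM_CC_UNSEAL = 0x0000015E
TPM_RS_PW = 0x40000009            # password authorization; cannot encrypt
TPMA_SESSION_CONTINUE = 0x01
TPMA_SESSION_ENCRYPT = 0x40       # TPM -> caller parameter encryption
# Number of handles that precede the authorization area, per command code.
HANDLE_COUNT = {TPM_CC_NV_READ: 2, TPM_CC_UNSEAL: 1}


@dataclass
class Session:
    handle: int
    attributes: int


@dataclass
class Command:
    tag: int
    code: int
    handles: List[int]
    sessions: List[Session]


def parse_command(buf: bytes) -> Command:
    """Parse tag, commandSize, commandCode, handles and the auth area."""
    tag, size, code = struct.unpack(">HII", buf[:10])
    if size != len(buf):
        raise ValueError("commandSize does not match blob length")
    off = 10
    n = HANDLE_COUNT.get(code, 0)
    handles = list(struct.unpack(f">{n}I", buf[off:off + 4 * n])) if n else []
    off += 4 * n
    sessions: List[Session] = []
    if tag == TPM_ST_SESSIONS:
        (auth_size,) = struct.unpack(">I", buf[off:off + 4])
        off += 4
        end = off + auth_size
        while off < end:
            # TPMS_AUTH_COMMAND: handle, nonce (size-prefixed),
            # sessionAttributes (1 byte), hmac (size-prefixed)
            handle, nonce_len = struct.unpack(">IH", buf[off:off + 6])
            off += 6 + nonce_len
            attrs = buf[off]
            off += 1
            (hmac_len,) = struct.unpack(">H", buf[off:off + 2])
            off += 2 + hmac_len
            sessions.append(Session(handle, attrs))
    return Command(tag, code, handles, sessions)


def response_is_plaintext(cmd: Command) -> bool:
    """True when no session asks the TPM to encrypt its response parameters,
    which is exactly the condition under which an NV_Read leaks its data."""
    return not any(s.attributes & TPMA_SESSION_ENCRYPT for s in cmd.sessions)


def audit(captures: List[bytes]) -> List[Tuple[int, str]]:
    """Return (index, message) for every plaintext NV_Read in a command list."""
    findings = []
    for i, blob in enumerate(captures):
        cmd = parse_command(blob)
        if cmd.code == TPM_CC_NV_READ and response_is_plaintext(cmd):
            findings.append((i, f"NV_Read of index 0x{cmd.handles[1]:08X} "
                                "without response encryption"))
    return findings


def build_nv_read(nv_index: int, sessions: List[Tuple[int, int]],
                  size: int = 32, offset: int = 0) -> bytes:
    """Build a constructed TPM2_NV_Read command (authHandle == nvIndex)."""
    auth = b"".join(struct.pack(">IH", h, 0) + bytes([a]) + struct.pack(">H", 0)
                    for h, a in sessions)
    body = (struct.pack(">II", nv_index, nv_index) +
            struct.pack(">I", len(auth)) + auth +
            struct.pack(">HH", size, offset))
    return struct.pack(">HII", TPM_ST_SESSIONS, 10 + len(body), TPM_CC_NV_READ) + body


# Constructed samples (placeholder handles, not from any real device).
NV_INDEX = 0x01800001
CAPTURE_PASSWORD_SESSION = build_nv_read(NV_INDEX, [(TPM_RS_PW, TPMA_SESSION_CONTINUE)])
CAPTURE_ENCRYPTED_SESSION = build_nv_read(
    NV_INDEX, [(0x02000000, TPMA_SESSION_CONTINUE | TPMA_SESSION_ENCRYPT)])

if __name__ == "__main__":
    for idx, msg in audit([CAPTURE_PASSWORD_SESSION, CAPTURE_ENCRYPTED_SESSION]):
        print(f"command {idx}: {msg}")
```

The first sample uses a password session, which is what a simple initramfs unlock script typically issues; the auditor reports it because nothing in the command asks the TPM to encrypt the returned bytes. The second uses an HMAC session with the encrypt attribute set, so the NV data comes back wrapped in the session key negotiated at TPM2_StartAuthSession and a bus observer sees only ciphertext; it is not reported. A boot-time monitor that feeds decoded SPI transactions into audit() gets the detection the article describes, and the same check, applied to the unlock tooling before deployment, catches the configuration gap it exploits.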
