Configure Dictionary Attack Defense Settings

Infineon Security Platform

previous page next page

Infineon Security Platform Solution

Configure Dictionary Attack Defense Settings

With this page you can configure how many authentication attempts should be allowed for various authentication types before dictionary attack defense measures are taken.

Notes:
  • This topic is only relevant for Security Platforms with a Trusted Platform Module 1.2. The details of the Security Platform dictionary attack defense mechanism are only valid for Security Platforms with an Infineon Trusted Platform Module 1.2.
  • This topic is mainly targeted at the Security Platform Owner.
Availability of page:
  • This wizard page is only available, if the policy Configure dictionary attack threshold is not configured.

The following table gives hints on how to use this wizard page.

Wizard Page Element Explanation
Specific authentication counters Select this option if you want to specify the number of allowed attempts for each authentication type individually.
Only Security Platform relevant counters Select this option if you only want to configure authentication types which are relevant for Security Platform Solution.

In this case only the following authentication types are displayed:
  • Owner authentication
  • Key authentication (e.g. used for Security Platform User authentication)
  • Data authentication (e.g. used by Windows BitLocker in combination with PIN)

Unselect this option if you also want to configure other authentication types which are not relevant for Security Platform Solution. For detailed information on these authentication types refer to the specifications from the Trusted Computing Group (TCG) and from your Trusted Platform Module Vendor.
Note that dictionary attack defense measures are taken when the number of allowed attempts for a certain counter is exceeded, whether the concerned authentication type is relevant for Security Platform Solution or not.
Overall authentication counter Select this option if you want to specify one overall authentication counter for all authentication types. Any failed authentication will increase this counter, independent of the authentication type.
Authentication Types This list displays all authentication types with minimum, maximum and currently configured values for the numbers of allowed authentication attempts.
Change the numbers of allowed attempts as desired. Make sure to enter only integers within the allowed range from minimum to maximum.
Disable platform temporarily Select this option if you want the defense measures to include temporarily disabling the Security Platform.


©Infineon Technologies AG

previous page start next page