Adding here For Discussion
This is why using a PIN (and preferably the extended one) is always recommended, and why fTPMs are just better.
Also, before someone goes on about backdoors, this is how an external dedicated TPM is meant to work. It’s plaintext.
1 Like
As per one of the linked articles in the description, here’s why fTPMs are better:
Some fTPM resist this attack (MitM dTPM), but you could just do MitM on the memory (or freeze it)
i.e., you need to perform a much higher skill attack to achieve the same goal, and I’m fairly certain it would be defeated with memory encryption, particularly TSME (someone correct me if that assumption is wrong)
With this in mind, PG should definitely mention PINs somewhere in the Bitlocker section.
3 Likes
This attack might be restricted to only TPM v1.2 as TPM v 2.0 is supposed to have support for encrypted sessions with the CPU. Though i was not able to find this specifically mentioned in any microsoft document or if the manufacturers actually implement this.
There is a GnuPG article which explains how TPM 2.0 can be used securely to encrypt pgp keys.
To do this correctly, the GnuPG TPM code sets up what are called sessions with the TPM that do HMAC instead of clear text password and encrypt sensitive information (like your private key for conversion) so that only the TPM on the receiving end can decode them.
https://gnupg.org/blog/20210315-using-tpm-with-gnupg-2.3.html
2 Likes
I’ll do some research on this as BitLocker is generally considered to be of a high quality.
1 Like
Here is a list of various Bitlocker attacks and its current state of mitigations -
GitHub - Wack0/bitlocker-attacks: A list of public attacks on BitLocker.
1 Like
Ah good old cat and mouse.