[PATCH v3 0/5] Add TPM2 support to gnupg 2.3
Werner Koch
wk at gnupg.org
Mon Mar 15 17:14:50 CET 2021
On Thu, 11 Mar 2021 08:51, James Bottomley said:
> The Intel TSS is very new. I've actually been using the IBM TSS
> version of the patches with gnupg-2.2 for several years, so it's fairly
> well tested. I thought once I had a testing infrastructure it would be
Okay, stuff for packaging folks ;-)
> It's certainly possible. The TPM API you're after is called the
> sealing one. What happens is that the TPM can encrypt a blob of data
> up to 128 bytes with a TPM internal key and give it back to you when
> you call TPM2_Unseal(). For safety, since the password cache isn't
> expected to survive a reboot, the parent of the seal operation should
> be the NULL seed, so the sealed data becomes unextractable after a TPM
> restart (the NULL seed changes on every restart). You could seal the
> password when it's added to the cache and unseal it just before use.
> The safety you get is that an attacker who steals memory pages can't
> unseal the password unless they also can access the TPM on your laptop.
> However, if the threat model is an attacker who can steal memory pages
> in real time, they can likely snoop the unseal operation as well and
> extract the password that way.
Thanks for explaining. I see when we can add this.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20210315/696e6655/attachment.sig>
More information about the Gnupg-devel
mailing list