[PATCH v3 0/5] Add TPM2 support to gnupg 2.3

Werner Koch wk at gnupg.org
Mon Mar 15 17:14:50 CET 2021

On Thu, 11 Mar 2021 08:51, James Bottomley said:

> The Intel TSS is very new.  I've actually been using the IBM TSS
> version of the patches with gnupg-2.2 for several years, so it's fairly
> well tested.  I thought once I had a testing infrastructure it would be

Okay, stuff for packaging folks ;-)

> It's certainly possible.  The TPM API you're after is called the
> sealing one.  What happens is that the TPM can encrypt a blob of data
> up to 128 bytes with a TPM internal key and give it back to you when
> you call TPM2_Unseal().  For safety, since the password cache isn't
> expected to survive a reboot, the parent of the seal operation should
> be the NULL seed, so the sealed data becomes unextractable after a TPM
> restart (the NULL seed changes on every restart).  You could seal the
> password when it's added to the cache and unseal it just before use. 
> The safety you get is that an attacker who steals memory pages can't
> unseal the password unless they also can access the TPM on your laptop.
> However, if the threat model is an attacker who can steal memory pages
> in real time, they can likely snoop the unseal operation as well and
> extract the password that way.

Thanks for explaining.  I see when we can add this.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20210315/696e6655/attachment.sig>

More information about the Gnupg-devel mailing list