gpg and TPM

mailinglisten at mailinglisten at
Tue May 11 16:03:21 CEST 2021

On 09.05.21 at 15:22, Damien Goutte-Gattat wrote:
> Hi,
> On Sun, May 09, 2021 at 10:00:25AM +0000, mailinglisten--- via
> Gnupg-users wrote:
>> I wasn't aware the TPM has that much space, does the TPM really hold a
>> complete key? Does it make sense to use ECC keys to save space on the
>> TPM?
> Keys are actually not stored *in* the TPM. When you use the `keytotpm`
> command, the key is encrypted in such a way that it can only be
> decrypted and used by the TPM, but the key is still stored, in this
> encrypted form (....)

Thanks for explaining. This is really interesting.
I'm not that familiar with the TPM in general, is the TPM owner (and
SRK) password safe against brute force attacks? Or do you need a complex
password for the TPM?

