gpg and TPM
dgouttegattat at incenp.org
Thu May 13 23:03:51 CEST 2021
On Tue, May 11, 2021 at 02:03:21PM +0000, mailinglisten at posteo.de wrote:
>I´m not that familiar with the TPM in general
>is the TPM owner (and SRK) password safe against brute force attacks?
>Or do you need a complex password for the TPM?
My understanding is that the TPM offers the *possibility* to protect
against brute force attacks (through the “dictionary attack lockout
reset” mechanism), but I am not sure whether that protection is enabled
by default or if the tpm2daemon (the new component within GnuPG in
charge of using the TPM) makes use of it.
Until I know more, I use with my TPM stronger PINs than what I normally
use with my OpenPGP tokens, just in case. :)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 228 bytes
Desc: not available
More information about the Gnupg-users