gpg and TPM
Damien Goutte-Gattat
dgouttegattat at incenp.org
Thu May 13 23:03:51 CEST 2021
On Tue, May 11, 2021 at 02:03:21PM +0000, mailinglisten at posteo.de wrote:
>I´m not that familiar with the TPM in general
Me neither.
>is the TPM owner (and SRK) password safe against brute force attacks?
>Or do you need a complex password for the TPM?
My understanding is that the TPM offers the *possibility* to protect
against brute force attacks (through the “dictionary attack lockout
reset” mechanism), but I am not sure whether that protection is enabled
by default or if the tpm2daemon (the new component within GnuPG in
charge of using the TPM) makes use of it.
Until I know more, I use with my TPM stronger PINs than what I normally
use with my OpenPGP tokens, just in case. :)
- Damien
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20210513/a6fbf250/attachment.sig>
More information about the Gnupg-users
mailing list