this post was submitted on 30 May 2024
19 points (100.0% liked)
Cybersecurity
5845 readers
222 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]
Notable mention to [email protected]
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
TPMs have been able to store encryption keys instead of having them stored on disk or embedded inside software. But TPMs were mostly connected to the main system via simple buses like I2C, SPI, or simple UART. People figured out that by sticking a cheap sniffer like the ChipWhisperer, it would be easy to read off those keys while in transit.
Even easier would be to MITM using methods like clock glitching, so they would return fake credentials and get access to everything.
The next generation TPMs allowed on-device private/public key creation using creative random number generation schemes and on-board crypto libraries that couldn't be tampered with. But there was still the problem of keys going across those open busses.
To solve this problem, you need to have attestations between the main board and TPM which means storing multiple public keys and digital signatures from both sides, either during manufacturing or on first boot.
This way, if someone sniffs the wires, the data stream is asymmetrically encrypted. And with attestation, each side knows they are talking to only the right sender and receiver. Also, no two systems will have a common key, so even if someone de-caps a TPM2 module and gets the keys out, they can't use it to compromise other devices.
This is where we're at. Manufacturing and boot processes have to be modified to make sure nothing leaks out and everything stays put.
Meaning that software like systemd-crytpenroll would need to be updated to support this? I suppose what I'm trying to ask is this: As a user, if I want to set up full disk encryption using a TPM (1.2 or 2.0?) module, would I need to do anything different/novel during installation if I wanted to ensure that the bus is encrypted? And, if so, what would I need to do?